Lucene search
+L

5229 matches found

Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.20 views

PT-2026-50234

In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.5AI score0.00165EPSS
Exploits0References3
NVD
NVD
added 2026/06/16 8:16 p.m.10 views

CVE-2026-0150

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00067EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 8:16 p.m.11 views

CVE-2026-0137

In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00073EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 6:16 a.m.13 views

CVE-2025-10262

Nokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privileges...

6.3CVSS0.00116EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-49796

In edgetpu sync fence group shutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.5AI score0.00073EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-49801

In lwis device external event emit of lwis event.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.6AI score0.00073EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.33 views

CVE-2026-36213

An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component...

0.00479EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.7 views

FreeBSD : FreeBSD -- Use-after-free bug in the IPV6_MSFILTER socket option handler (c5b7ac13-6473-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c5b7ac13-6473-11f1-958d-bc241121aa0a advisory. The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list...

7.8CVSS5.4AI score0.00104EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.10 views

CVE-2026-45605

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00286EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 2:57 p.m.28 views

CVE-2026-53694 Potential local privileges escalation through argument injection in the nxchmod.sh script

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

7.3CVSS0.00131EPSS
Exploits1References2
NVD
NVD
added 2026/06/10 12:16 p.m.16 views

CVE-2026-24067

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's process identifier and...

8.4CVSS0.00131EPSS
Exploits1References2
NVD
NVD
added 2026/06/09 5:17 p.m.17 views

CVE-2026-42837

Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00326EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:6 p.m.12 views

EUVD-2026-35741

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS5.6AI score0.00173EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.10 views

Windows DWM Core Library Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS7.3AI score0.00267EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.9 views

Winlogon Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Winlogon allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.02282EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.10 views

Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...

7CVSS5.6AI score0.00186EPSS
Exploits0
EUVD
EUVD
added 2026/06/09 8:46 a.m.13 views

EUVD-2026-35385

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...

8.8CVSS5.5AI score0.00206EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.10 views

PT-2026-47890

Name of the Vulnerable Software and Affected Versions Windows Ancillary Function Driver for WinSock affected versions not specified Description A use after free issue in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Use after free i...

7CVSS5.4AI score0.00234EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48150

Improper link resolution before file access 'link following' in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00329EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/03 4:2 p.m.9 views

CVE-2026-0009

In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00075EPSS
Exploits0References1
Rows per page
Query Builder