5229 matches found
PT-2026-50234
In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0150
In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...
CVE-2026-0137
In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-10262
Nokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privileges...
PT-2026-49796
In edgetpu sync fence group shutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
PT-2026-49801
In lwis device external event emit of lwis event.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-36213
An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component...
FreeBSD : FreeBSD -- Use-after-free bug in the IPV6_MSFILTER socket option handler (c5b7ac13-6473-11f1-958d-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c5b7ac13-6473-11f1-958d-bc241121aa0a advisory. The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list...
CVE-2026-45605
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...
CVE-2026-53694 Potential local privileges escalation through argument injection in the nxchmod.sh script
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...
CVE-2026-24067
Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's process identifier and...
CVE-2026-42837
Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...
EUVD-2026-35741
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
Windows DWM Core Library Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
Winlogon Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in Winlogon allows an authorized attacker to elevate privileges locally...
Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...
EUVD-2026-35385
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...
PT-2026-47890
Name of the Vulnerable Software and Affected Versions Windows Ancillary Function Driver for WinSock affected versions not specified Description A use after free issue in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Use after free i...
PT-2026-48150
Improper link resolution before file access 'link following' in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...
CVE-2026-0009
In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...