Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally...

cryptodev-linux 资源管理错误漏洞

cryptodev-linux is an open-source Linux kernel encryption device driver developed by cryptodev-linux. Versions of cryptodev-linux prior to 1.14 contain a resource management vulnerability. This vulnerability stems from a page reference handling flaw in the getuserbuf function of the /dev/crypto...

CVE-2025-20745

In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294...

Realtek rtl81xx SDK Wi-Fi Driver 安全漏洞

Realtek rtl81xx SDK Wi-Fi Driver is a network card driver software from Realtek Semiconductor Realtek, China. A security vulnerability exists in the Realtek rtl81xx SDK Wi-Fi Driver, which stems from insufficient validation of the N6CSetDOT11CIPHERDEFAULTKEY function, which could result in elevat...

CVE-2023-25174

Improper access control in some IntelR Chipset Driver Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access...

SUSE CVE-2016-6187

The apparmorsetprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook...

SUSE CVE-2022-40133

A use-after-freeUAF vulnerability was found in function 'vmwexecbuftiecontext' in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a...

MediaTek 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in MediaTek due to a lack of boundary checking in the WLAN driver, which could lead to out-of-bounds reads. An attacker could exploit the vulnerability to escalate local...

CVE-2018-8724

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges local. The component is: K7TSMngr.exe...

CVE-2018-8724

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges local. The component is: K7TSMngr.exe...

CVE-2020-29489

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text password storage vulnerability. A user credentials including the Unisphere admin privilege user password is stored in a plain text in a system file. A local authenticated attacker with access to the syste...

DEBIAN-CVE-2010-3359

If LDLIBRARYPATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account...

CVE-2017-0079

The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in...

DEBIAN-CVE-2015-8966

arch/arm/kernel/sysoabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted 1 FOFDGETLK, 2 FOFDSETLK, or 3 FOFDSETLKW command in an fcntl64 system call...

Git for Windows Untrusted Search Path Vulnerability

Git for Windows is a free, open source distributed version control system based on Windows developed by American software developer Linus Torvalds Linus Torvalds. An untrustworthy search path vulnerability exists in version 1.x of Git for Windows. This vulnerability can be exploited by a local...

HP ThinPro Local Elevation of Privilege Vulnerability

HP ThinPro is a thin client device from Hewlett-Packard HP in the United States. A security vulnerability exists in the Keyboard Layout Control Panel and Virtual Keyboard application on the HP ThinPro operating system. An attacker could exploit the vulnerability to locally gain unauthorized acces...

DEBIAN-CVE-2016-1583

The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling...

CVE-2016-4118

Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors...

UBUNTU-CVE-2014-3153

The futexrequeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEXREQUEUE command that facilitates unsafe waiter modification...

CVE-2014-2094

Untrusted search path vulnerability in Catfish through 0.4.0.3, when a Fedora package such as 0.4.0.2-2 is not used, allows local users to gain privileges via a Trojan horse catfish.pyc in the current working directory...