Lucene search
K

32031 matches found

OSV
OSV
added 2026/06/23 8:53 a.m.5 views

SUSE-SU-2026:2524-1 Security update for libinput

This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...

9.8CVSS5.8AI score0.00498EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 8:52 a.m.2 views

SUSE-SU-2026:2523-1 Security update for libinput

This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...

9.8CVSS5.8AI score0.00498EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.8 views

Ubuntu 26.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8461-1)

The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8461-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. ...

8.8CVSS7.1AI score0.93235EPSS
Exploits57References19
RedHat Linux
RedHat Linux
added 2026/06/22 6:44 a.m.6 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References7
OSV
OSV
added 2026/06/22 5:39 a.m.3 views

BIT-DOTNET-2026-35433 .NET Elevation of Privilege Vulnerability

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...

7.3CVSS5.8AI score0.00662EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 5:45 a.m.36 views

CVE-2026-12781 EaseUS Partition Master Kernel Driver epmntdrv.sys access control

A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly...

8.5CVSS0.00112EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/21 5:15 a.m.34 views

CVE-2026-12779 AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control

A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploi...

8.5CVSS0.00113EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.19 views

PT-2026-51193

Name of the Vulnerable Software and Affected Versions IM-Magic Partition Resizer versions prior to 7.9.0 Description Improper access controls in the Kernel Driver component, specifically within the MDA NTDRV.sys library, allow for local privilege escalation. This issue occurs when a local attacke...

8.5CVSS7.1AI score0.00113EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.13 views

PT-2026-51189

A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploi...

8.5CVSS6.4AI score0.00113EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.21 views

PT-2026-51192

Name of the Vulnerable Software and Affected Versions EaseUS Partition Master versions prior to 14.6 Description A security flaw exists in the Kernel Driver component within the EUEDKEPM.sys library. An unknown function in this library allows for improper access controls, which can be exploited b...

8.5CVSS7.1AI score0.00109EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.20 views

PT-2026-51190

Name of the Vulnerable Software and Affected Versions AOMEI Backupper versions prior to 8.3.0 Description An issue exists in the Kernel Driver component within the amwrtdrv.sys library. A local attacker can perform a manipulation of an unknown function to cause improper access controls...

8.5CVSS7AI score0.00111EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.18 views

PT-2026-51191

Name of the Vulnerable Software and Affected Versions EaseUS Partition Master versions prior to 14.5 Description An issue exists in the Kernel Driver component within the epmntdrv.sys library. A local attacker can manipulate an unknown function to cause improper access controls, which occurs when...

8.5CVSS7.1AI score0.00112EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.20 views

PT-2026-51188

Name of the Vulnerable Software and Affected Versions AOMEI Partition Assistant versions prior to 10.10.2 Description Improper access controls exist within the Kernel Driver component, specifically affecting unknown code in the ampa10.sys library. This issue allows a local attacker to manipulate...

8.5CVSS7.2AI score0.00113EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.30 views

PT-2026-51194

Name of the Vulnerable Software and Affected Versions Ezbsystems UltraISO Premium Edition versions prior to 9.77 Description Improper access controls exist within the Kernel Driver component, specifically affecting the bootpt64.sys library. This issue allows for unauthorized access when manipulat...

8.5CVSS7.1AI score0.00113EPSS
Exploits0References11
NVD
NVD
added 2026/06/19 3:16 p.m.13 views

CVE-2020-37253

Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...

8.5CVSS0.00109EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 3:16 p.m.11 views

CVE-2022-50971

Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the system root path. Attackers can place executable files in unquoted path directories that execute with LocalSystem...

8.5CVSS0.00205EPSS
Exploits1References4
NVD
NVD
added 2026/06/19 3:16 p.m.10 views

CVE-2021-47985

Brother SAPSprint 7.60 contains an unquoted service path vulnerability in the SAPSprint service binary that allows local attackers to escalate privileges. Attackers can place a malicious executable in the Program Files directory path to be executed with LocalSystem privileges when the service...

8.5CVSS0.00115EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 3:16 p.m.10 views

CVE-2019-25747

Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrar...

8.5CVSS0.0012EPSS
Exploits0References4
NVD
NVD
added 2026/06/19 3:16 p.m.10 views

CVE-2016-20094

AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert malicious executables in the system root path that execute with elevated privileges during applicatio...

8.5CVSS0.00181EPSS
Exploits1References4
NVD
NVD
added 2026/06/19 3:16 p.m.11 views

CVE-2016-20087

Fortitude HTTP 1.0.4.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated privileges by exploiting the service binary path. Attackers can insert malicious executables in the system root path that execute with SYSTEM privileges during...

8.5CVSS0.0012EPSS
Exploits0References4
Rows per page
Query Builder