32015 matches found
PT-2026-53063
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where the audio buffer backing a mapping could be freed upon closing the device while the mapping remains valid. This allows the freed memory to ...
CVE-2026-46710
Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the...
CVE-2026-45257
The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through non-anonymous MEXTPG pages or...
CVE-2026-53200
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64 architectures. This vulnerability arises from incorrect handling of the Execute Never XN bit, a memory protection feature, when the FEATXNX feature is not enabled. This error can lead to execute permissions being...
Insecure Temporary File
Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Insecure Temporary File via the...
CVE-2026-46732
Dell Display and Peripheral Manager (DDPM Mac) is affected. Versions prior to 2.3 suffer from a race condition caused by concurrent execution accessing a shared resource due to improper synchronization. Attackers with local access and low privileges could exploit this to achieve elevation of priv...
CVE-2026-57589
sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...
CVE-2026-57589
The CVE-2026-57589 entry concerns OpenBSD (through 7.9) with a use-after-free in sys/kern/sysv_sem.c that enables a local privilege escalation to root . The root cause is a context switch use-after-free after tsleep in sys_semget(). This applies to the OpenBSD kernel code path handling System V s...
CVE-2026-52943
A flaw was found in the Linux kernel. The pskbcarveinsideheader and pskbcarveinsidenonlinear helper functions, which handle network packet buffers, do not correctly account for zero-copy references. This oversight can lead to a use-after-free vulnerability, where memory is prematurely released...
CVE-2026-54328 Pi: Predictable temporary extension install paths allow local privilege escalation on shared Linux hosts
Pi is a minimal terminal coding harness. From 0.74.0 until 0.78.1, Pi versions with temporary npm or git extension package installs used predictable paths under the operating system temporary directory. On Linux-based multi-user systems, a local attacker who can write to the shared temporary...
SUSE-SU-2026:2530-1 Security update for libinput
This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...
SUSE-SU-2026:2529-1 Security update for libinput
This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...
SUSE-SU-2026:2524-1 Security update for libinput
This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...
SUSE-SU-2026:2523-1 Security update for libinput
This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852...
Ubuntu 26.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8461-1)
The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8461-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. ...
kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
BIT-DOTNET-2026-35433 .NET Elevation of Privilege Vulnerability
Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...
CVE-2026-12781 EaseUS Partition Master Kernel Driver epmntdrv.sys access control
A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly...
CVE-2026-12779 AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control
A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploi...
PT-2026-51188
Name of the Vulnerable Software and Affected Versions AOMEI Partition Assistant versions prior to 10.10.2 Description Improper access controls exist within the Kernel Driver component, specifically affecting unknown code in the ampa10.sys library. This issue allows a local attacker to manipulate...