CVE-2025-67792

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Local unprivileged users can manipulate a DriveLock process to execute arbitrary commands on Windows computers...

CVE-2025-67792

DriveLock is affected in versions 24.1 (before 24.1.6), 24.2 (before 24.2.7), and 25.1 (before 25.1.5). The issue allows local unprivileged users to manipulate a DriveLock process on Windows to execute arbitrary commands. Root cause details are not fully disclosed in the provided excerpts, but mu...

CVE-2025-67781

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Local unprivileged users can manipulate privileged processes to gain more privileges on Windows computers...

EUVD-2016-5899

Malware in sbrugna...

PT-2025-40612

Name of the Vulnerable Software and Affected Versions MacForge version 1.2.0 Beta 1 Description The software contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root. Recommendations At the moment, there is no information about a newer version th...

EUVD-2025-7209

Malicious code in bioql PyPI...

PT-2025-31890 · Unknown · Electroncapture

Name of the Vulnerable Software and Affected Versions: Electron Capture versions 2.19.1 and below Description: Electron Capture facilitates video playback for screen-sharing and capture. The elecap app on macOS allows local unprivileged users to bypass macOS TCC Transparency, Consent, and Control...

CVE-2023-36631

Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as the application can be locked usi...

Below has Incorrect Permission Assignment for Critical Resource

Impact A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as...

GLSA-202402-02 : SDDM: Privilege Escalation

The remote host is affected by the vulnerability described in GLSA-202402-02 SDDM: Privilege Escalation - An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X...

USN-6286-1 intel-microcode vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 It was discovered that some IntelR XeonR Processor...

SUSE CVE-2018-1000532

beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS. This attack appear to be exploitable via The system must allow local users...

CVE-2021-1117

Windows contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service...

CVE-2021-38208

net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service NULL pointer dereference and BUG by making a getsockname call after a certain type of failure of a bind call...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1707)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

lvm2-cluster is vulnerable to denial of service. It was discovered that the cluster logical volume manager daemon clvmd did not verify the credentials of clients connecting to its control UNIX abstract socket, allowing local, unprivileged users to send control commands that were intended to only ...

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:0279-1)

This update for systemd fixes the following issues: This security issue was fixed : - CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges bsc1020601. The update package also includes non-security fixes. See advisor...

CVE-2011-2498

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service memory consumption by triggering creation of PTE pages...

virtualbox -- privilege escalation

Sun reports: A security vulnerability in the VBoxNetAdpCtl configuration tool for certain Sun VirtualBox 3.0 packages may allow local unprivileged users who are authorized to run VirtualBox to execute arbitrary commands with root privileges...

openSUSE Security Update : libvirt (libvirt-373)

libvirt misses some read-only connection checks for certain methods. This flaw enables local unprivileged users for example to migrate virtual machines without authentication CVE-2008-5086. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...