CVE-2026-7280

AVACAST developed by eMPIA Technology has a Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrary code execution with system privileges when the AVACAST service starts...

CVE-2026-20751

Out-of-bounds read for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2026-10074

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2025-30650 Junos OS: Privileged local user can gain access to a Linux-based FPC as root

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...

Juniper Junos OS Vulnerability (JSA107863)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107863 advisory. - A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to...

CVE-2025-22850

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-22850

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-20073

CVE-2025-20073 describes an information disclosure vulnerability in the UEFI DXE module for some Intel reference platforms. The issue is caused by improper buffer restrictions, which could allow a local privilege user with high complexity to cause data exposure without user interaction. Impact is...

CVE-2026-22285

Dell Device Management Agent DDMA, versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access...

CVE-2025-32467

Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

AMD EPYC 9005 Series 安全漏洞

The AMD EPYC 9005 Series is a series of processors developed by Advanced Microelectronics Devices, Inc. AMD. There are security vulnerabilities in the AMD EPYC 9005 Series. These vulnerabilities stem from improper handling of error conditions during host failures, which may allow privileged local...

PT-2026-7301

Name of the Vulnerable Software and Affected Versions TDX Module versions prior to tdx1.5 Description A race condition exists within the hypervisor in Ring 0 for some TDX Module versions prior to tdx1.5, potentially leading to a denial of service. An authorized adversary with privileged user...

EUVD-2026-5393

Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege...

CVE-2026-20982

Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege...

CVE-2026-20982

Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege...

PT-2026-6092

Name of the Vulnerable Software and Affected Versions Adobe ShortcutService versions prior to SMR Feb-2026 Release 1 Description A path traversal issue exists in ShortcutService. A privileged local attacker can create a file with system privileges. Recommendations Update Adobe ShortcutService to...

EUVD-2023-25660

Malicious code in bioql PyPI...

EUVD-2024-37365

Malicious code in bioql PyPI...

EUVD-2023-35085

Malicious code in bioql PyPI...

EUVD-2025-14672

Malicious code in bioql PyPI...