868 matches found
CVE-2026-20426
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538...
EUVD-2026-9153
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539...
CVE-2026-20425
CVE-2026-20425 describes a local escalation-of-privilege due to a missing bounds check that allows an out-of-bounds write in display logic. Exploitation requires no user interaction and would grant System-level privileges to a sufficiently privileged attacker. The reports consistently cite the sa...
PT-2026-22566
In MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10432500; Issue ID: MSV-5803...
PT-2026-22555
In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537...
PT-2026-22570
In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10289875; Issue ID: MSV-5184...
PT-2026-22552
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5540...
PT-2026-22567
In display, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5723...
PT-2026-22568
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722...
PT-2026-22556
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5536...
PT-2026-22553
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539...
PT-2026-22569
In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436995; Issue ID: MSV-5721...
EUVD-2026-8834
The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege...
CVE-2026-23703
The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege...
CVE-2026-23703
The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege...
CVE-2026-23703
The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege...
Multiple vulnerabilities in the installer of FinalCode Client
Overview The installer of FinalCode Client provided by Digital Arts Inc. contains multiple vulnerabilities listed below. Incorrect default permissions CWE-276 - CVE-2026-23703 Uncontrolled search path element CWE-427 - CVE-2026-25191 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported...
CVE-2019-25343
NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification...
CVE-2026-20982
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege...
CVE-2026-20412
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5733...