3754 matches found
CVE-2026-8148
NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...
TRYHACKME_FLATLINE_REPORT
TryHackMe – Flatline CTF | Penetration Testing Report !Platf...
GHSA-X597-9FR4-5857 Hugo's Node tool execution allows file system access outside the project directory
Impact When building a Hugo site that uses Node-based asset pipelines PostCSS, Babel, TailwindCSS, Hugo invoked the configured Node tools without restrictions on file system access. As a result, executing hugo against an untrusted site could allow code running through these tools to read or write...
CVE-2026-41288 WatchGuard Agent on Windows Privilege Escalation Vulnerability
Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITY\SYSTEM...
sudo: Sudo: Privilege escalation due to failure in privilege drop calls
A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...
PT-2026-37645
Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITYSYSTEM...
EUVD-2026-27464
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMEDPIPEOPENREQ into a fixed WCHAR pipename160 stack buffer using wcscat without verifying null termination. The handler only...
EUVD-2026-27461
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGIDSBIEINIRUNSBIECTRL message is handled before normal sandbox and impersonation checks, and for non-sandbox...
CVE-2026-34461
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGIDSBIEINIRUNSBIECTRL message is handled before normal sandbox and impersonation checks, and for non-sandbox...
CVE-2026-34458
Sandbo xie-Plus (Windows) vulnerability CVE-2026-34458 affects versions 1.17.2 and earlier. The root cause is an INI CRLF injection in Sandboxie.ini via MSGID_SBIE_INI_ADD_SETTING and MSGID_SBIE_INI_SET_SETTING, allowing a standard local user to bypass EditAdminOnly/ConfigPassword and inject a ne...
GHSA-V37H-5MFM-C47C VM2 Has Sandbox Breakout Through Inspect Function
Summary VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. Details The node inspect method allows to log details of objects. To get to the...
EUVD-2026-27149
Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...
PT-2026-37229
Name of the Vulnerable Software and Affected Versions Sandboxie-Plus versions prior to 1.17.3 Description An issue exists in the NamedPipeServer::OpenHandler function where the server field from NAMED PIPE OPEN REQ is copied into a fixed WCHAR pipename160 stack buffer using wcscat without verifyi...
CVE-2026-42369
GV-VMS V20 WebCam Server contains a stack overflow in the b64decoder path of the gvapi flow. The decoded base64 string is copied into a 256-byte local Buffer without bounds checking, so if the decoded data exceeds 256 characters an attacker can trigger a stack overflow. The product is described a...
PT-2026-36929
Name of the Vulnerable Software and Affected Versions Amazon WorkSpaces for Windows versions prior to 2.6.2034.0 Description Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service allows a local non-admin authenticated user to place arbitrary files in...
CVE-2026-7461
CVE-2026-7461 affects the FSx Windows File Server volume mounting component inside Amazon ECS Agent on Windows, prior to version 1.103.0. The root cause is improper neutralization of inputs used in an OS command, allowing a remote authenticated actor to run shell commands with SYSTEM privileges o...
Microsoft won’t patch PhantomRPC: Feature or bug?
A researcher has discovered a weakness called PhantomRPC that Microsoft does not consider a vulnerability it plans to patch. PhantomRPC involves Windows Remote Procedure Call RPC, the core of communication between Windows processes. The vulnerability lets a process with impersonation rights...
CVE-2026-3006
Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level access to the affected software...
CVE-2026-3006
Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level access to the affected software...
CVE-2026-3006 Race Condition Vulnerability
Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level access to the affected software...