364 matches found
Windows Server Update Service - Insecure Deserialization
Windows Server Update Service contains an insecure deserialization vulnerability caused by deserialization of untrusted data. An unauthorized attacker with network access can exploit this to execute arbitrary code remotely, potentially leading to full system compromise. id: CVE-2025-59287 info:...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...
Important: Red Hat Security Advisory: rhc security update
An update for rhc is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
EUVD-2026-23197
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-41030
CVE-2026-41030 affects ONLYOFFICE DesktopEditors prior to 9.3.0. The update service can be abused to perform actions on files with SYSTEM privileges, indicating a local privilege escalation. CVSS 3.1: AV=L/AC=L/PR=N/UI=N/S=U, Impact: Confidentiality=NONE, Integrity=NONE, Availability=HIGH. Exploi...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
DesktopEditors 安全漏洞
DesktopEditors is an open-source offline office suite developed by ONLYOFFICE, supporting editing of documents, spreadsheets, presentations, and PDFs. Versions of DesktopEditors prior to 9.3.0 contained a security vulnerability. This vulnerability stemmed from defects in the update service, which...
PT-2026-33271
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-32224
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
EUVD-2026-22410
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
EUVD-2026-22376
Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...
CVE-2026-32224
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
CVE-2026-26154
Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...
CVE-2026-32224
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
Windows Server Update Service (WSUS) Tampering Vulnerability
Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Server Update Service allows an authorized attacker to elevate privileges locally...