8007 matches found
CVE-2026-32164
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows User Interface Core allows an authorized attacker to elevate privileges locally...
CVE-2026-27911
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows User Interface Core allows an authorized attacker to elevate privileges locally...
CVE-2026-6319
Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-6308
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-6308
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-6308
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
MAL-2026-2682 Malicious code in @athena-ui-components/deeplink (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f74fbec503fca2e61a016a70e66269c234d5329e19a1072a7f777c59fc4d466c The package @athena-ui-components/deeplink was found to contain malicious code. Source: ossf-package-analysis...
Apache Airflow 安全漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...
Pega Platform 安全漏洞
Pega Platform is an enterprise management platform developed by Pega, Inc. Versions of Pega Platform from 8.1.0 to 25.1.1 have security vulnerabilities, which stem from HTML injection in the user interface components...
Pega Platform 安全漏洞
Pega Platform is an enterprise management platform developed by Pega, Inc. Versions of Pega Platform from 8.1.0 to 25.1.1 have security vulnerabilities, which stem from storage cross-site scripting in the user interface components...
Prometheus 安全漏洞
Prometheus is an open-source software developed in the Go language, used to create real-time metric databases built using the HTTP pull model. Versions 3.0 to 3.5.1 and 3.6.0 to 3.11.1 of Prometheus contain security vulnerabilities. These vulnerabilities stem from a storage-side cross-site...
PT-2026-33177
CVE-2026-1564 Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a develo… https://t.co/ErpdMh2IGe...
📄 Kiuwan SAST 2.8.2412.0 Improper Enforcement
It was found out that a user is still able to login at the Kiuwan WebUI via SSO, even if the Kiuwan mapped account has been disabled in the user settings by an admin. This issue has been addressed in version 2.8.2509.4. SEC Consult Vulnerability Lab Security Advisory...
CloudStorageHunter-Pro
🔥 CloudStorageHunter-Pro 🚀 Ultimate Cloud Storage Security...
EUVD-2026-22557
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally...
EUVD-2026-22556
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows User Interface Core allows an authorized attacker to elevate privileges locally...
EUVD-2026-22372
Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32165
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally...
CVE-2026-32163
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows User Interface Core allows an authorized attacker to elevate privileges locally...
CVE-2026-32164
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows User Interface Core allows an authorized attacker to elevate privileges locally...