438 matches found
CVE-2026-28577
In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28577
In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28577
In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28577
In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28577
CVE-2026-28577 corresponds to a tapjacking/overlay flaw in Android’s WindowManagerService.addWindow. The issue could permit local elevation of privilege with no extra execution privileges and without user action. CVSS 3.1 base metrics indicate Local, Low attack complexity and Low privileges requi...
PT-2026-45610
Name of the Vulnerable Software and Affected Versions WindowManagerService affected versions not specified Description A tapjacking issue exists in the addWindow function of WindowManagerService.java, where a tapjacking or overlay attack—a technique where a malicious application overlays a...
ASB-A-389950114
In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-35419
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally...
EUVD-2026-29717
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
EUVD-2026-29595
Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally...
CVE-2026-42896
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-34336 Windows DWM Core Library Elevation of Privilege Vulnerability
...
CVE-2026-34336 Windows DWM Core Library Elevation of Privilege Vulnerability
...
CVE-2026-35419
CVE-2026-35419 describes an out-of-bounds read in Windows DWM Core Library that can disclose information locally by an authorized user. The available sources identify the vulnerability as a local-attack vector with low privileges required and no user interaction, resulting in a high confidentiali...
CVE-2026-35419 Windows DWM Core Library Information Disclosure Vulnerability
...
PT-2026-40155
Name of the Vulnerable Software and Affected Versions Windows DWM Core Library affected versions not specified Description A buffer over-read in the Windows DWM Core Library allows an authorized attacker to disclose sensitive information locally. Recommendations At the moment, there is no...
PT-2026-40262
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
Astra Linux - уязвимость в chromium
Before version 96.0.4664.93, using free after in the window manager in Google Chrome on ChromeOS allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Integer overflow in the Window Manager in Google Chrome on the Chrome OS and Lacros before version 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interactions. Chrome security severity: Hig...
Astra Linux - уязвимость в fly-wm
The vulnerability of the fly-adjust-palette utility in the window graphical manager fly-wm is related to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to cause a service failure...