Lucene search
K

521 matches found

Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.2 views

PT-2026-32786

Name of the Vulnerable Software and Affected Versions Desktop Window Manager affected versions not specified Description A use after free issue allows an authorized attacker to elevate privileges locally. Use after free occurs when an application continues to use a pointer after it has been freed...

7.8CVSS6.1AI score0.00286EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.4 views

PT-2026-32824

Name of the Vulnerable Software and Affected Versions Desktop Window Manager affected versions not specified Description A use after free issue allows an authorized attacker to elevate privileges locally. Use after free occurs when an application continues to use a pointer after it has been freed...

7.8CVSS6.7AI score0.00383EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.3 views

PT-2026-32785

CVE-2026-27923 Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally. https://t.co/iFFDd0LffD...

7.8CVSS6.2AI score0.0023EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2026/04/06 12:0 a.m.118 views

Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation

Title: Desktop Window Manager Core Library 10.0.10240.0 — Privilege Escalation Heap-based Buffer Overflow sanitized evidence Author: nu11secur1ty Date: 2025-11-04 Vendor: Microsoft Software: Windows Desktop Window Manager DWM — DWM Core Library affected desktop/server releases as per vendor...

7.8CVSS7.2AI score0.01026EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/31 6:53 a.m.7 views

Security information for Hitachi Disk Array Systems

Overview CVE-2026-20846 | GDI+ Denial of Service Vulnerability CVE-2026-21222 | Windows Kernel Information Disclosure Vulnerability CVE-2026-21231 | Windows Kernel Elevation of Privilege Vulnerability CVE-2026-21234 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability...

8.8CVSS6.8AI score0.25835EPSS
Exploits9References25
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.2 views

CVE-2026-25189

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00334EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/03/25 6:18 a.m.191 views

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-30051 — Windows DWM Heap Overflow EoP · Master's Thes...

7.8CVSS8AI score0.05687EPSS
Exploits2
Information Security Automation
Information Security Automation
added 2026/03/22 9:0 a.m.10 views

March "In the Trend of VM" (#25): once again, vulnerabilities are only in Microsoft products

March "In the Trend of VM" 25: once again, vulnerabilities are only in Microsoft products. I present the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. As in February, it turned out to be quite compact and focused on a single vendor. 🗞 Post on Habr rus...

8.8CVSS7.2AI score0.25835EPSS
Exploits8
Information Security Automation
Information Security Automation
added 2026/03/12 3:14 p.m.12 views

About Elevation of Privilege - Desktop Window Manager (CVE-2026-21519) vulnerability

About Elevation of Privilege - Desktop Window Manager CVE-2026-21519 vulnerability. The vulnerability is from the February Microsoft Patch Tuesday. Desktop Window Manager is a compositing window manager included in Windows starting with Windows Vista. A Type Confusion error CWE-843 in Desktop...

7.8CVSS6AI score0.0242EPSS
Exploits0
EUVD
EUVD
added 2026/03/10 6:31 p.m.7 views

EUVD-2026-10663

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00334EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10664

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00334EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/10 5:5 p.m.4 views

CVE-2026-25189

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00334EPSS
Exploits0References2Affected Software6
CVE
CVE
added 2026/03/10 5:5 p.m.35 views

CVE-2026-25189

The CVE-2026-25189 entry concerns a Use-after-Free in Windows DWM Core Library that allows an authorized attacker to locally elevate privileges. Affected component is Windows DWM Core Library; root cause is a use-after-free condition leading to privilege escalation. Microsoft and related advisori...

7.8CVSS5.8AI score0.00334EPSS
Exploits0References1Affected Software5
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.2 views

PT-2026-24313

Уязвимость библиотеки DWM Core Library операционных систем Windows связана c использованием памяти после ее освобождения. Эксплуатация уязвимости может позволить нарушителю повысить привилегии...

7.8CVSS5.8AI score0.00334EPSS
Exploits0References7
CNVD
CNVD
added 2026/03/09 12:0 a.m.4 views

Google Android elevation of privilege vulnerability (CNVD-2026-16155)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a lack of privilege checking in the relayoutWindow function of WindowManagerService.java, which can be exploited by an attacker to gain...

8.4CVSS5.7AI score0.00094EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/04 1:57 a.m.6 views

CVE-2025-48634

In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00094EPSS
Exploits0References1
OSV
OSV
added 2026/03/02 7:16 p.m.4 views

CVE-2025-48634

In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.3CVSS5.9AI score0.00094EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/02 6:42 p.m.4 views

CVE-2025-48634

In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00094EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/02 6:42 p.m.5 views

EUVD-2025-208213

In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.1AI score0.00094EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/02 6:42 p.m.1 views

CVE-2025-48634

In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.1AI score0.00094EPSS
Exploits0References1
Rows per page
Query Builder