EUVD-2026-37781

Use of an incorrectly resolved name or reference in the pinget backend in Devolutions UniGetUI 2026.2.0 and earlier allows a WinGet community catalog contributor to cause an installed application to be correlated to an unrelated, attacker-controlled catalog package and to execute an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a deadlock during an update RTC in the scsi: ufs component...

The vulnerability of the microprogramming software of ThinkPad Hybrid USB-C with USB-A Dock exists due to insufficient testing of input data. This allows a hacker to execute code with elevated privileges.

The vulnerability of the ThinkPad Hybrid USB-C with USB-A Dock’s microprogramming software exists due to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to execute code with elevated privileges during package updates or installations...

The vulnerability of Mozilla Firefox’s browser updates, related to errors in checking the downloaded update, allows a hacker to downgrade the browser version during an update.

The vulnerability of the Mozilla Firefox browser is related to errors during the verification of the downloaded update. Exploiting this vulnerability can allow a malicious actor to downgrade the version of the browser during an update...

Yandex Browser 安全漏洞

Yandex Browser is a desktop version of the web browser from the Russian company Yandex. A security vulnerability exists in Yandex Browser for Windows prior to 22.3.3.684, which originates from a vulnerability that could allow a local, low-privilege attacker to execute arbitrary code with SYSTEM...