6678 matches found
EUVD-2026-10615
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...
EUVD-2026-10657
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to disclose information locally...
CVE-2026-24291
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...
CVE-2026-24291
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...
CVE-2026-25186 Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability
...
CVE-2026-24291
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...
CVE-2026-24291 Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability
...
CVE-2026-3315
CVE-2026-3315 concerns ASSA ABLOY Visionline on Windows, where incorrect default permissions enable configuration/environment manipulation and lead to execution with unnecessary privileges and improper assignment of permissions to a critical resource. Affected versions are Visionline prior to 1.3...
CVE-2026-3315 Local Privilege Escalation Due to Writable Executable in Privileged Visionline Service Path
Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation.This issue affects Visionline: from 1.0 before 1.33...
PT-2026-24285
Name of the Vulnerable Software and Affected Versions Windows versions prior to March 10, 2026 Patch Tuesday Description An improper permission assignment within the Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally. The issue stems from...
New-Shellcode-Injection-Exploit
Shellcode Injection Exploit Author Created by 0x5da...
CVE-2025-69649
A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed header fields with the readelf program can trigger a NULL pointer dereference, causing a crash and resulting in a denial of service. Mitigation To mitigate this vulnerability, do not process untruste...
DEBIAN-CVE-2025-69649
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...
UBUNTU-CVE-2025-69652
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...
AZL-79574 CVE-2025-69651 affecting package binutils 2.41-10
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...
Malicious code in flowfix (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137 The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...
MAL-2026-1276 Malicious code in flowfix (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137 The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...
CVE-2026-29041 Chamilo: Authenticated Remote Code Execution via Unrestricted File Upload
Chamilo is a learning management system. Prior to version 1.11.34, Chamilo LMS is affected by an authenticated remote code execution vulnerability caused by improper validation of uploaded files. The application relies solely on MIME-type verification when handling file uploads and does not...
PT-2026-23634
Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.34 Description Chamilo LMS is susceptible to an authenticated remote code execution issue stemming from insufficient validation of uploaded files. The application depends on MIME-type verification for file upload...
CVE-2025-69652
CVE-2025-69652 concerns GNU Binutils up to 2.46, specifically the readelf component. A crafted ELF binary with malformed DWARF abbrev or debug information can trigger an abort (SIGABRT) due to incomplete state cleanup in process_debug_info(), allowing an invalid debug_info_p state to propagate in...