15745 matches found
CVE-2026-41116
Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write...
CVE-2026-47648
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally...
CVE-2025-10237
During an internal security assessment, a potential vulnerability was discovered in some ThinkPad embedded controller firmware that could allow a privileged local user to perform arbitrary reads or writes to privileged memory regions...
CVE-2026-6090
A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...
SUSE CVE-2026-11623
A security vulnerability has been detected in tmux up to 3.6a. Affected is the function imagefree of the file image.c. Such manipulation leads to use after free. Local access is required to approach this attack. This attack is characterized by high complexity. The exploitability is told to be...
SUSE CVE-2026-11628
Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: Critical...
EulerOS 2.0 SP13 : python-pygments (EulerOS-SA-2026-2355)
According to the versions of the python-pygments packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file...
EulerOS 2.0 SP13 : python-pygments (EulerOS-SA-2026-2312)
According to the versions of the python-pygments packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file...
EUVD-2026-35526
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-44275
Dell/Alienware Purchased Apps, versions prior to 1.1.32.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write...
CVE-2026-44275
Dell/Alienware Purchased Apps, versions prior to 1.1.32.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write...
CVE-2026-41116
Dell Inventory Collector Client, versions prior to 13.8.0, contains an Improper Link Resolution Before File Access ("Link Following") vulnerability. A low-privileged attacker with local access could exploit this to achieve Arbitrary File Write. The available documents identify the affected produc...
CVE-2026-45654
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-45460
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...
CVE-2026-42980
Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-45653
CVE-2026-45653: A Windows Kernel use-after-free vulnerability that enables local privilege escalation by an authorized attacker. The issue affects kernel code paths susceptible to use-after-free, with an attack vector that is LOCAL, requiring LOW privileges and NO user interaction; the impact per...
EUVD-2026-35567
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally...
CVE-2026-45603
The vulnerability CVE-2026-45603 affects Windows’ Ancillary Function Driver for WinSock (AFD). The issue is a use-after-free in the WinSock-related driver, leading to local privilege escalation for an authorized attacker. The CVSS3.1 assessment shows HIGH impact with LOCAL access, HIGH confidenti...
CVE-2026-45638
CVE-2026-45638 relates to Windows’ Ancillary Function Driver for WinSock and is due to a use-after-free in that driver. This vulnerability allows an authorized attacker to escalate privileges locally. The available documents specify the affected component and the local-privilege-escalation impact...
EUVD-2026-35675
Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally...