3771 matches found
CVE-2026-12214 Qihoo 360 Total Security Nucleus Engine Monitoring Logic RpcStringBindingComposeW protection mechanism
A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure. The attack require...
CVE-2026-45588
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-45592
Integer overflow or wraparound in Windows Internet wininet.dll allows an authorized attacker to elevate privileges locally...
CVE-2026-42983
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-42978
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
dotnet: .NET: Local file tampering via link following vulnerability
A flaw was found in .NET. This vulnerability, related to improper link resolution before file access also known as 'link following', allows an unauthorized local attacker to perform unauthorized tampering. This could lead to integrity compromise of local files...
CVE-2026-0268
Prisma Access Agent for Linux contains a local authentication bypass that enables a local attacker to route traffic outside the VPN tunnel. The issue is limited to Linux; Windows, macOS, iOS, Android, and ChromeOS variants are not affected. The CVE entry notes a local attack vector with low privi...
EUVD-2026-35527
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...
EUVD-2026-35657
Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally...
CVE-2026-45476
Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-44811
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
EUVD-2026-35761
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-42983
CVE-2026-42983 is a Windows vulnerability described across multiple sources as a use-after-free in the DWM Core Library that allows an authorized, local attacker to elevate privileges. The issue is identified consistently in Microsoft’s MSRC page and NVD records; no public exploit details or defa...
CVE-2026-44805
CVE-2026-44805: Use-after-free in Windows Network Controller (NC) Host Agent enables an authorized local attacker to cause denial of service. Affected component is the Windows Network Controller Host Agent; underlying cause is use-after-free. CVSSv3.1 base score 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I...
CVE-2026-42977
CVE-2026-42977 describes a race condition in Windows Push Notifications caused by improper synchronization of a shared resource. This vulnerability enables an authorized, local attacker to elevate privileges. The CVSS 3.1 base score is 7.8 (HIGH) with Local attack vector, high complexity, and req...
CVE-2026-42916
The CVE-2026-42916 entry describes an Integer underflow in the Windows NT OS Kernel that enables local privilege escalation for an authorized attacker. Affected: Windows NT OS Kernel (kernel-level component). Root cause: wrap/underflow during arithmetic in the kernel. Impact: high across confiden...
EUVD-2026-35569
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-45637
CVE-2026-45637 is a use-after-free vulnerability in Windows DWM Core Library that permits a locally authenticated attacker to achieve elevation of privileges. The underlying flaw is a use-after-free condition in the DWM Core Library, enabling an attacker with low privileges and no user interactio...
EUVD-2026-35561
Access of resource using incompatible type 'type confusion' in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...
EUVD-2026-35547
Improper limitation of a pathname to a restricted directory 'path traversal' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...