37 matches found
CVE-2026-21422
Dell PowerScale OneFS (versions 9.10.0.0–9.10.1.5 and 9.11.0.0–9.12.0.1) contains an external control of a system or configuration setting vulnerability. A high-privileged attacker with local access could potentially exploit this to bypass protection mechanisms. The available references describe ...
CVE-2021-27277
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific...
EUVD-2018-3492
Malware in sbrugna...
EUVD-2025-9901
Malicious code in bioql PyPI...
EUVD-2024-51395
Malicious code in bioql PyPI...
EUVD-2022-45345
Malicious code in bioql PyPI...
EUVD-2024-44558
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-27815
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system,...
CVE-2025-7026
A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values e.g., '$DB$' or '2DB$', the function performs arbitrary...
CVE-2025-7027
A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...
CVE-2024-22795
Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component...
CVE-2023-30658
Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities...
CVE-2023-27193
An issue found in DUALSPACE v.1.1.3 allows a local attacker to gain privileges via the keyadnewuseravoidtime field...
CVE-2025-20951
Summary: CVE-2025-20951 affects Galaxy Store prior to 4.5.90.7 due to improper verification of intent by a broadcast receiver, enabling a local attacker to write arbitrary files with Galaxy Store privileges. Affected software: Galaxy Store (Android) versions before 4.5.90.7. Root cause: insuffici...
CVE-2025-20951
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store...
CVE-2020-17392
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-24176
CVE-2025-24176 is a local permission-elevation vulnerability in macOS. The issue is described as a permissions problem addressed by improved validation and is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, and macOS Sonoma 14.7.3. A local attacker may gain elevated privileges due to insuffici...
CVE-2024-4762
An improper validation vulnerability was reported in the firmware update mechanism of LADM and LDCC that could allow a local attacker to escalate privileges...
CVE-2024-5803 Local privilege escalation via COM hijacking
The AVGUI.exe of AVG/Avast Antivirus versions before 24.1 can allow a local attacker to escalate privileges via a COM hijack in a time-of-check to time-of-use (TOCTOU) race when self protection is disabled...