66 matches found
CVE-2026-8049
In SignalRGB versions prior to 1.3.7.0, the \.\SignalIo device object is created without an explicit SDDL security descriptor and without FILEDEVICESECUREOPEN. This results in overly permissive default access control, allowing any authenticated local user to obtain a handle to the device and issu...
EUVD-2026-36047
During an internal security assessment, a potential vulnerability was discovered in Lenovo Accessories and Display Manager for Enterprise for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...
CVE-2026-45078
A flaw was found in Synapse, an open source Matrix homeserver implementation. Local authenticated users can exploit this vulnerability to consume excessive CPU resources, causing the server to become unresponsive and denying service to other users. This can lead to a complete Denial of Service Do...
CVE-2026-7431
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...
SUSE CVE-2026-45078
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...
DEBIAN-CVE-2026-45078
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...
PYSEC-0000-CVE-2026-45078
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...
CVE-2026-45078
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...
EUVD-2026-32935
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...
PT-2026-45981
Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...
synapse 安全漏洞
Synapse is an open-source matrix main server developed by Element. Versions prior to 1.152.1 of Synapse contained a security vulnerability. This vulnerability occurred due to locally authenticated users being able to exhaust CPU resources, causing other requests to fail and leading to...
CVE-2026-9490
Affected product: Acer Care Center (ACC Svc). The vulnerability arises because the ACCSvc service creates a Named Pipe with a weak security descriptor, permitting an authenticated local user to connect and send a crafted message (type 0x03). This can trigger the service to crash with exit code 10...
GHSA-8Q93-326V-3M7G Synapse CPU starvation (Denial of Service)
Impact Local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. Homeservers that trust all their local users are not at risk. Patches Update to Synapse 1.152.1 or later. Workarounds If Synapse is...
PT-2026-41159
Name of the Vulnerable Software and Affected Versions Synapse versions prior to 1.152.1 Description Local authenticated users can cause the system to starve other requests of CPU resources, leading to request failures and a denial of service for other users. Homeservers that trust all their local...
CVE-2026-7431
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...
EUVD-2026-22928
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges...
EUVD-2026-22918
During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, during installation or when using hardware scan, could allow a local authenticated user to perform an arbitrary file write with elevated...
CVE-2026-4134
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local authenticated user to execute code with elevated privileges...
Lenovo Service Bridge 安全漏洞
Lenovo Service Bridge is an application based on the Windows platform developed by Lenovo Corporation. This program can automatically detect the serial number, device type, and model of devices in order to provide corresponding services. Lenovo Service Bridge has a security vulnerability, which...
IBM多款产品 安全漏洞
IBM Verify Identity Access Container is a product of the American multinational company International Business Machines IBM. IBM Verify Identity Access Container is a containerized software that provides identity authentication and authorization capabilities for applications. IBM Security Verify...