CVE-2026-31863 Improper Restriction of Excessive Authentication Attempts in github.com/anyproto/anytype-heart

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

Microsoft Endpoint Configuration Manager 权限许可和访问控制问题漏洞

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows Endpoint Configuration Manager. The vulnerability stems from an incorrect programmatic call to an advanced local...

PT-2022-19225 · Samsung · Samsung Members

Name of the Vulnerable Software and Affected Versions: Samsung Members versions prior to 13.6.08.5 Description: The issue is related to an improper access control vulnerability. It allows a local attacker to execute a call function without the required CALL PHONE permission. Recommendations: For...

Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2017-15994)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows due to a program's failure to properly handle calls to Advanced Local Procedure Call ALPC. A local attacker could exploit this...

Null pointer dereference

drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center QuIC Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service NULL pointer dereference via an application that uses crafted arguments in a local kgslioctl call...