Lucene search
K

5202 matches found

RedHat Linux
RedHat Linux
added 4 days ago8 views

kernel: rtmutex: Use waiter::task instead of current in remove_waiter()

A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...

7.8CVSS6.2AI score0.00125EPSS
Exploits12References6
Vulnrichment
Vulnrichment
added 2026/07/03 12:54 p.m.7 views

CVE-2026-46730

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with...

4.2CVSS6AI score0.00116EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40781

Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...

5.8AI score0.00089EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-14094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious...

7.8CVSS6.2AI score0.00089EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14060

Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Low...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 p.m.2 views

DEBIAN-CVE-2026-13827

Use after free in Updater in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: High...

7.8CVSS5.8AI score0.00109EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.16 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

7.8CVSS7.4AI score0.03663EPSS
Exploits11References5
Cvelist
Cvelist
added 2026/06/30 1:9 a.m.32 views

CVE-2026-58302

rtapiapp in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to lo...

8.4CVSS0.00152EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53735

Name of the Vulnerable Software and Affected Versions Matrix42 Empirum versions prior to 25.5 Matrix42 Empirum versions 26.x prior to 26.2 Description The PBackupVSS.exe component creates a named pipe at '.pipePBackupVSS' with a Discretionary Access Control List DACL that grants GENERIC READ and...

7.8CVSS6.2AI score0.00125EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/27 9:25 a.m.11 views

EUVD-2026-39960

The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An...

6AI score0.00107EPSS
Exploits0References1
NVD
NVD
added 2026/06/27 9:16 a.m.11 views

CVE-2026-49412

The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed memory. An unprivileged...

7.8CVSS0.00104EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 5:39 a.m.6 views

BIT-DOTNET-SDK-2026-35433 .NET Elevation of Privilege Vulnerability

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...

7.3CVSS5.8AI score0.00662EPSS
Exploits0References5
OSV
OSV
added 2026/06/22 5:39 a.m.5 views

BIT-DOTNET-SDK-2026-32177 .NET Elevation of Privilege Vulnerability

Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally...

7.3CVSS6.1AI score0.00551EPSS
Exploits0References5
OSV
OSV
added 2026/06/18 9:47 a.m.8 views

BIT-DOTNET-SDK-2026-45490 .NET SDK Elevation of Privilege Vulnerability

Improper authorization in .NET allows an authorized attacker to elevate privileges locally...

7.8CVSS5.3AI score0.00384EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 1:19 p.m.22 views

CVE-2026-0081

In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00148EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.12 views

CVE-2025-48643

In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00084EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 7:24 a.m.24 views

CVE-2026-0063

CVE-2026-0063 affects the Android framework component PhoneInterfaceManager.java, where a logic error in setAllowedCarriers could disable carrier restrictions, enabling local privilege escalation with no additional privileges and no user interaction required. The issue is cataloged as an Elevatio...

10CVSS5.6AI score0.00155EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/17 7:15 a.m.36 views

CVE-2026-0083

In Nfc::eventCallback of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00121EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 5:53 a.m.3371 views

CVE-2025-48617

CVE-2025-48617 affects Android’s CarrierConfigLoader.java, specifically overrideConfig, enabling a permissions/UID check bypass that could cause local privilege escalation with no additional execution privileges required and no user interaction. The vulnerability is tied to a local attack vector ...

7.8CVSS5.5AI score0.00077EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.18 views

PT-2026-50234

In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.5AI score0.00165EPSS
Exploits0References3
Rows per page
Query Builder