30245 matches found
EUVD-2026-42094
FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...
CVE-2026-58583
CVE-2026-58583 affects FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, enabling local privilege escalation for a standard user via arbitrary physical memory mapping at \Device\PhysicalMemory. Root cause: memory mapping vulnerability in the driver. Impact: potential elevation of pri...
Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)
Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...
CVE-2026-57851
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
EUVD-2026-42053
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
CVE-2026-54483
CVE-2026-54483 affects Dell PowerProtect Data Domain: versions 7.7.1.0–8.6, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70. The vulnerability is described as OS command injection caused by improper neutralization of special elements in certain OS commands. A hi...
CVE-2022-4990
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...
CVE-2022-4989
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...
CVE-2026-8921
The CVE-2026-8921 entry concerns ASUS Business Manager. It describes an External Control of File Name or Path vulnerability that allows a local user to execute arbitrary code with SYSTEM privileges by sending a tampered IPC message. Affected product is ASUS Business Manager; the root cause is con...
CVE-2026-13079
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8497-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8497-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as...
Ubuntu 24.04 LTS : Linux kernel (Xilinx) vulnerabilities (USN-8499-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8499-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...
CVE-2026-13079
CVE-2026-13079 describes a local privilege escalation in the WatchGuard Mobile VPN with SSL client for Windows . The issue allows a local attacker to escalate to NT AUTHORITY\SYSTEM on the machine hosting the Windows client. Affected scope includes the Windows client versions up to and including ...
CVE-2026-13079 WatchGuard Mobile VPN with SSL Windows Client Local Privilege Escalation
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and...
CVE-2026-13079
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and...
CVE-2026-12168
An improper validation vulnerability for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port...
CVE-2026-12168 CVE-2026-12168
An improper validation vulnerability for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port...
EUVD-2026-41378
An improper validation vulnerability for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port...
PT-2026-55230
Name of the Vulnerable Software and Affected Versions Little Orbit GFAC affected versions not specified Description Improper validation and a NULL pointer dereference a condition where the software attempts to read from a memory address that is null, leading to a crash in the GFAC Sys x64.sys...
Moderate: Red Hat Security Advisory: rrdtool security update
An update for rrdtool is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...