Lucene search
K

30262 matches found

Cvelist
Cvelist
added 6 hours ago6 views

CVE-2026-57239 Foxit PDF Editor/Reader Local Privilege Escalation

The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\SYSTEM...

8.2CVSS
Exploits0References1
CVE
CVE
added 6 hours ago6 views

CVE-2026-57239

Foxit CVE-2026-57239 is a Local Privilege Escalation in Foxit PDF Editor/Reader where user‑controllable executables can be directly executed by high‑privilege processes, enabling a low‑privilege user to escalate to NT AUTHORITY\SYSTEM. CVSS 3.1 base score 8.2 (HIGH) with LOCAL attack vector, LOW ...

8.2CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-58583

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score
Exploits0References4
CVE
CVE
added yesterday9 views

CVE-2026-58583

CVE-2026-58583 affects FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, enabling local privilege escalation for a standard user via arbitrary physical memory mapping at \Device\PhysicalMemory. Root cause: memory mapping vulnerability in the driver. Impact: potential elevation of pri...

8.4CVSS6AI score
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-42094

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added yesterday13 views

Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)

Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...

7.8CVSS6.7AI score0.96267EPSS
Exploits228Affected Software1
NVD
NVD
added yesterday7 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS
Exploits0References2
OSV
OSV
added yesterday2 views

PYSEC-2026-1477 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...

7.3CVSS7.1AI score0.00154EPSS
Exploits0References6
EUVD
EUVD
added yesterday5 views

EUVD-2026-42053

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score
Exploits0References2
OSV
OSV
added yesterday3 views

RLSA-2026:33731 Moderate: rrdtool security update

The round robin database RRD system stores and displays time-series data, such as network bandwidth, machine-room temperature, and server load average. RRDtool is a high performance data logging and graphing utility, which can be easily integrated with shell scripts, or used to create application...

7.8CVSS6.1AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

OESA-2026-2823 NetworkManager security update

NetworkManager attempts to keep an active network connection available at all times. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using DHCP, NetworkManager is intended to replace default routes, obtain IP addresses from a DHC...

6.7CVSS5.9AI score0.00118EPSS
Exploits0References2
OSV
OSV
added 3 days ago5 views

RLSA-2026:32990 Important: cifs-utils security update

The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. The cifs-utils packages contain tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References2
CVE
CVE
added 5 days ago12 views

CVE-2026-54483

CVE-2026-54483 affects Dell PowerProtect Data Domain: versions 7.7.1.0–8.6, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70. The vulnerability is described as OS command injection caused by improper neutralization of special elements in certain OS commands. A hi...

6.7CVSS6AI score0.00482EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2022-4990

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...

7.3CVSS0.00096EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2022-4989

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...

8.5CVSS5.8AI score0.00103EPSS
Exploits0References2
CVE
CVE
added 5 days ago18 views

CVE-2026-8921

The CVE-2026-8921 entry concerns ASUS Business Manager. It describes an External Control of File Name or Path vulnerability that allows a local user to execute arbitrary code with SYSTEM privileges by sending a tampered IPC message. Affected product is ASUS Business Manager; the root cause is con...

8.5CVSS6.2AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 5 days ago9 views

CVE-2026-13079

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and...

7.3CVSS0.00108EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 5 days ago4 views

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8497-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8497-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as...

9.8CVSS7.3AI score0.93235EPSS
Exploits61References322
Tenable Nessus
Tenable Nessus
added 5 days ago4 views

Ubuntu 24.04 LTS : Linux kernel (Xilinx) vulnerabilities (USN-8499-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8499-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS7.3AI score0.96267EPSS
Exploits285References517
CVE
CVE
added 6 days ago21 views

CVE-2026-13079

CVE-2026-13079 describes a local privilege escalation in the WatchGuard Mobile VPN with SSL client for Windows . The issue allows a local attacker to escalate to NT AUTHORITY\SYSTEM on the machine hosting the Windows client. Affected scope includes the Windows client versions up to and including ...

7.3CVSS5.8AI score0.00108EPSS
Exploits0References1
Rows per page
Query Builder