107 matches found
CVE-2026-47270
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb is a PAM module loaded into the host process sudo, login, GDM, GNOME Shell. Display managers such as GDM run multiple concurrent authentication threads. Three functions used by the denyremote...
CVE-2026-20869
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Local Session Manager LSM allows an authorized attacker to elevate privileges locally...
CVE-2026-20869
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Local Session Manager LSM allows an authorized attacker to elevate privileges locally...
CVE-2026-20869
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Local Session Manager LSM allows an authorized attacker to elevate privileges locally...
CVE-2026-20869 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability
...
CVE-2026-20869
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Local Session Manager LSM allows an authorized attacker to elevate privileges locally...
CVE-2026-20869 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability
...
Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Local Session Manager LSM allows an authorized attacker to elevate privileges locally...
PT-2026-2714
Name of the Vulnerable Software and Affected Versions Windows Local Session Manager LSM affected versions not specified Description A flaw exists in Windows Local Session Manager LSM related to concurrent execution using a shared resource with improper synchronization, creating a race condition...
CVE-2020-23139
Microweber 1.1.18 is affected by broken authentication and session management. Local session hijacking may occur, which could result in unauthorized access to system data or functionality, or a complete system compromise...
CVE-2025-65561
An issue was discovered in function LocalNode.Sess in free5GC 4.1.0 allowing attackers to cause a denial of service or other unspecified impacts via crafted header Local SEID to the PFCP Session Modification Request...
CVE-2025-64711
CVE-2025-64711 affects PrivateBin versions 1.7.7–2.0.3. A drag-and-drop filename containing HTML is rendered as HTML in the drag-and-drop helper, enabling self‑XSS in the victim’s session on macOS/Linux when file uploads are enabled. An attacker must entice the user to attach a maliciously named ...
PT-2025-46774
Name of the Vulnerable Software and Affected Versions PrivateBin versions 1.7.7 through 2.0.2 Description PrivateBin is an online pastebin system designed with zero knowledge of pasted data. Versions from 1.7.7 up to 2.0.2 are susceptible to a self-cross-site scripting issue. Dragging a file with...
CVE-2025-58729
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
CVE-2025-59259
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
CVE-2025-59257
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
EUVD-2025-34372
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
EUVD-2025-34370
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
EUVD-2025-34314
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...
CVE-2025-59257
Improper validation of specified type of input in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...