4826 matches found
Windows Push Notifications Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
Microsoft Brokering File System Elevation of Privilege Vulnerability
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
Microsoft Brokering File System Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally...
PT-2026-32803
Name of the Vulnerable Software and Affected Versions Windows Universal Plug and Play UPnP Device Host affected versions not specified Description An untrusted pointer dereference in the Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...
PT-2026-32779
Name of the Vulnerable Software and Affected Versions Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys affected versions not specified Description A use after free issue in the Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys allows an authorized attacker to elevate privileges locally...
PT-2026-32747
Name of the Vulnerable Software and Affected Versions Microsoft PowerShell affected versions not specified Description Improper input validation allows an authorized attacker to elevate privileges locally on the system. Recommendations At the moment, there is no information about a newer version...
PT-2026-32760
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description Improper access control in the Windows RPC API allows an authorized attacker to elevate privileges locally and affect the system. Recommendations At the moment, there is no information about ...
PT-2026-32756
Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A double free issue in the Windows Secure Kernel allows an authorized attacker to elevate privileges locally, enabling a low-privilege user to gain administrative access to the...
PT-2026-32847
Name of the Vulnerable Software and Affected Versions Windows Kernel affected versions not specified Description A stack-based buffer overflow in the Windows Kernel allows an authorized attacker to elevate privileges locally. A stack-based buffer overflow occurs when a program writes more data to...
PT-2026-32840
Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description Improper privilege management in the Telemetry Service allows an authorized attacker to cause a local denial of service, which affects the system. Recommendations At the moment, the...
PT-2026-32778
CVE-2026-27916 Use after free in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally. https://t.co/58w4XiQTfi...
PT-2026-32831
🪟 COM EoP CVE-2026-32162 again? When Microsoft’s “trust boundaries” are just vibes, every COM hop is a potential jailbreak. Triage fast: local users turning into admins is the usual horror sequel. https://t.co/nNowXseXJj ElevationOfPrivilege MicrosoftMsrc WindowsCom https://t.co/7B8CqiBKho...
PT-2026-32772
🪟 CVE-2026-27910 reminds us: Windows Installer metadata is basically a neon sign for attackers. Great—patch time, again. Enterprise risk never really “goes away,” does it? https://t.co/VVCvsxvJkF ElevationOfPrivilege PrivilegeEscalation WindowsInstaller MsrcSecurityUpdates https://t.co/vnE4IWgHgA...
Ubuntu: Security Advisory (USN-8167-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-6192 uclouvain openjpeg pi.c opj_pi_initialise_encode integer overflow
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...
VulnCheck KEV: CVE-2026-25187
Improper link resolution before file access 'link following' in Winlogon allows an authorized attacker to elevate privileges locally...
PT-2026-32447
Name of the Vulnerable Software and Affected Versions uclouvain openjpeg versions prior to 2.5.5 Description An integer overflow occurs in the opj pi initialise encode function within the src/lib/openjp2/pi.c library. This issue requires local access to be exploited. Recommendations Install the...
CVE-2019-25705 Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field
Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries a...
EUVD-2026-21651
NoMachine External Control of File Path Arbitrary File Deletion Vulnerability. This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...
ALPINE-CVE-2026-6042
A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic complexity. The attack must be initiated from a local position. To fix...