4829 matches found
CVE-2026-25179
Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-25168
Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally...
CVE-2026-24283
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
CVE-2026-23667
Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally...
Windows Device Association Service Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...
Windows Authentication Elevation of Privilege Vulnerability
Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...
Win32k Elevation of Privilege Vulnerability
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally...
PT-2026-24317
Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Microsoft Office Microsoft 365 Apps for Enterprise Microsoft Office Online Server Description A use-after-free issue exists in Microsoft Office Excel, Microsoft Office, Microsoft 365 Apps...
PT-2026-24271
Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally...
EulerOS 2.0 SP13 : gdb (EulerOS-SA-2026-1270)
According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the component Linker...
EUVD-2025-208369
A low‑privileged local attacker who gains access to the UBR service account e.g., via SSH can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries e.g., tcpdump and ip with sudo...
CVE-2026-3670
A vulnerability was detected in Freedom Factory dGEN1 up to 20260221. Affected is an unknown function of the component com.dgen.alarm. Performing a manipulation results in improper authorization. The attack requires a local approach. The exploit is now public and may be used. The vendor was...
EUVD-2026-10191
A vulnerability was determined in Freedom Factory dGEN1 up to 20260221. Affected by this issue is the function FakeAppReceiver of the component org.ethosmobile.ethoslauncher. Executing a manipulation can lead to improper authorization. The attack needs to be launched locally. The exploit has been...
EUVD-2026-10187
A vulnerability was detected in Freedom Factory dGEN1 up to 20260221. Affected is an unknown function of the component com.dgen.alarm. Performing a manipulation results in improper authorization. The attack requires a local approach. The exploit is now public and may be used. The vendor was...
CVE-2026-3670
A vulnerability was detected in Freedom Factory dGEN1 up to 20260221. Affected is an unknown function of the component com.dgen.alarm. Performing a manipulation results in improper authorization. The attack requires a local approach. The exploit is now public and may be used. The vendor was...
CVE-2026-3670
CVE-2026-3670 affects Freedom Factory dGEN1 (up to 20260221) with an issue in the com.dgen.alarm component. The vulnerability is triggered by manipulating an unknown function, yielding improper authorization. The attack requires local access; the exploit is public. The vendor has not responded to...
CVE-2026-3669
A security vulnerability has been detected in Freedom Factory dGEN1 up to 20260221. This impacts the function AlarmService of the component com.dgen.alarm. Such manipulation leads to improper authorization. The attack needs to be performed locally. The exploit has been disclosed publicly and may ...
CVE-2026-3669
CVE-2026-3669 affects Freedom Factory dGEN1, specifically the AlarmService function in component com.dgen.alarm. The public disclosures describe local exploitation leading to improper authorization. Exploitation details beyond this are not provided in the available documents. Connected sources co...
CVE-2026-3669 Freedom Factory dGEN1 com.dgen.alarm AlarmService improper authorization
A security vulnerability has been detected in Freedom Factory dGEN1 up to 20260221. This impacts the function AlarmService of the component com.dgen.alarm. Such manipulation leads to improper authorization. The attack needs to be performed locally. The exploit has been disclosed publicly and may ...
CVE-2026-3665
A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...