CVE-2026-1991

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

EUVD-2020-31030

Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigge...

CVE-2019-25285 Alps Pointing-device Controller 8.1202.1711.04 - 'ApHidMonitorService' Unquoted Service Path

Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...

kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation

A flaw was found in the Linux kernel's Squashfs filesystem. A local attacker can exploit this vulnerability by simultaneously mounting a Squashfs filesystem and issuing a specific input/output control ioctl command. This can lead to an incorrect block size calculation, causing a shift-out-of-boun...

Exploit for Race Condition in Canonical Ubuntu_Linux

kernel-exploit-dirtycow-project-subm Dirty COW Privilege Escal...

EulerOS Virtualization 2.10.1 : augeas (EulerOS-SA-2026-1103)

According to the versions of the augeas package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function...

EulerOS Virtualization 2.10.1 : libcap (EulerOS-SA-2026-1126)

According to the versions of the libcap package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The PAM module pamcap.so of libcap configuration supports group names starting with @, during actual parsing, configurations not...

OESA-2026-1267 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability, which was classifie...

CVE-2025-69604

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...

CVE-2025-41727

A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access...

CVE-2025-41727

Beckhoff CVE-2025-41727 describes a local, low-privilege attacker bypassing authentication in the Device Manager user interface, enabling privileged operations and administrator access. Documented sources (NVD/Red Hat/CVE list) confirm the vulnerability exists in a Beckhoff component exposing a U...

CVE-2026-1418 GPAC SRT Subtitle Import text_to_bifs.c gf_text_import_srt_bifs out-of-bounds write

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

CVE-2026-1417

GPAC up to 2.4.0 is affected by a null pointer dereference in the function dump_isom_rtp (applications/mp4box/filedump.c). The issue can be triggered locally and there is a publicly available exploit. A patch has been committed (hash: f96bd57c3ccdcde4335a0be28cd3e8fe296993de) and applying the off...

CVE-2026-1417

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and coul...

CVE-2026-1409 Beetel 777VR1 UART excessive authentication

A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00.0955. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack on the physic...

CVE-2026-0775

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

CVE-2026-0776 Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in...

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1360)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1360 advisory. A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads t...

CVE-2026-22280

Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains an incorrect permission assignment for critical resource vulnerability. A low privileged attacker with loc...

Azure Linux 3.0 Security Update: libarchive (CVE-2025-1632)

The version of libarchive installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1632 advisory. - A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects...