26310 matches found
kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN
A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 shadow paging mechanism. This use-after-free vulnerability arises from incorrect handling of Guest Frame Numbers GFNs when guest page tables are modified. A local attacker with control over a guest virtual machine could...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
CVE-2026-62294
Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...
CVE-2026-62294 Flameshot: OCTOU symlink attack via predictable /tmp path in Flameshot "Open With"
Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...
CVE-2026-62294
Flameshot prior to 14.0.0 is affected by a local TOCTOU race in the Open With feature. The software wrote screenshots to a predictable temporary path and followed symlinks, enabling a local unprivileged user on the same machine to pre-plant a symlink and cause Flameshot to write PNG data through ...
CVE-2026-62294 Flameshot: OCTOU symlink attack via predictable /tmp path in Flameshot "Open With"
Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
CVE-2026-49501
Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, and versions 9.11.0.0 through 9.13.0.2 contains an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2026-40633
Summary: Dell PowerScale OneFS contains an information disclosure vulnerability (Insertion of Sensitive Information into Log File) affecting PowerScale OneFS 9.5.0.0–9.10.1.7 and 9.11.0.0–9.13.0.2. A low-privilege, local attacker could exploit this to disclose information. Affected products/versi...
EUVD-2026-44607
Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, versions 9.11.0.0 through 9.13.0.2 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure...
CVE-2026-8920
Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On...
CVE-2026-15751
CVE-2026-15751 affects the mastergo-design mastergo-magic-mcp component set up to version 0.2.0. The vulnerability targets the execute function in mastergo/component-workflow.md for mcp__getComponentGenerator, where manipulation of the rootPath argument enables path traversal. Exploitation is loc...
CVE-2026-14685
A flaw was found in HdrHistogram. A local attacker could exploit this vulnerability by manipulating the 'Count' argument within the recordValueWithCount function. This manipulation leads to a state issue, which could impact the integrity of data processing within the affected component. Mitigatio...
CVE-2026-58637
Use after free in Windows Client-Side Caching CSC Service allows an authorized attacker to elevate privileges locally...
CVE-2026-58628
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Wireless Networking allows an authorized attacker to elevate privileges locally...
CVE-2026-57968
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-57101
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-56650
Heap-based buffer overflow in Windows Network File System allows an authorized attacker to elevate privileges locally...
CVE-2026-56195
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...
CVE-2026-55124
Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally...