Lucene search
+L

26307 matches found

nvd
nvd
added 3 days ago3 views

CVE-2026-50356

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Windows App Store allows an authorized attacker to elevate privileges locally...

7CVSS0.00156EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-49807

Exposure of sensitive information to an unauthorized actor in Windows DirectX allows an unauthorized attacker to disclose information locally...

6.2CVSS0.00382EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-50295

Improper privilege management in Microsoft Windows DNS allows an authorized attacker to bypass a security feature locally...

5.5CVSS0.00222EPSS
Exploits0References1
nvd
nvd
added 3 days ago3 views

CVE-2026-49184

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally...

8.4CVSS0.00287EPSS
Exploits0References1
nvd
nvd
added 3 days ago3 views

CVE-2026-49171

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00261EPSS
Exploits0References1
cve
cve
added 3 days ago4 views

CVE-2026-0515

The CVE-2026-0515 entry documents insufficient parameter validation in the SchedGet() system call of the QNX Neutrino kernel, potentially allowing a locally privileged attacker to crash the kernel. Affected products include QNX Software Development Platform and QNX OS for Safety, though no explic...

6.2CVSS6.1AI score0.00112EPSS
Exploits0References1
redhat
redhat
added 3 days ago6 views

kernel: exit: prevent preemption of oopsing TASK_DEAD task

A flaw was found in the Linux kernel. During the exit process of a task that has encountered an error, the system can incorrectly allow the task to be interrupted. This can lead to improper management of the task's memory, potentially causing memory corruption. Such an issue could allow a local...

7.8CVSS6.8AI score0.00126EPSS
Exploits0References5
redhat
redhat
added 3 days ago6 views

kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold

A flaw was found in the Linux kernel's Bluetooth SCO Synchronous Connection-Oriented protocol implementation. The scorecvframe function fails to properly hold a reference to a socket after releasing a lock. This oversight allows a concurrent operation to free the socket while it is still being...

8.8CVSS6.3AI score0.003EPSS
Exploits0References5
redhat
redhat
added 3 days ago8 views

kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete

A flaw was found in the Linux kernel's xfrm IPSec framework subsystem. This vulnerability, a use-after-free, occurs when the system incorrectly manages memory related to security policies, specifically during the deletion of xfrmstate lists. An attacker with local access could exploit this flaw b...

7.8CVSS6.5AI score0.0013EPSS
Exploits1References5
cve
cve
added 3 days ago7 views

CVE-2026-50364

Technical details (affected product/version, root cause, and fixes) are not publicly available in the provided documents. Monitor for updates.

7.3CVSS6AI score0.00352EPSS
Exploits0References1Affected Software5
cve
cve
added 3 days ago15 views

CVE-2026-50303

CVE-2026-50303 describes a vulnerability in Windows Key Guard where use of a cryptographic primitive with a risky implementation enables an authorized local attacker to bypass a security feature. Affected component: Windows Key Guard cryptographic handling; root cause: risky implementation of the...

5.5CVSS6AI score0.00207EPSS
Exploits0References1Affected Software9
cve
cve
added 3 days ago6 views

CVE-2026-49808

The CVE-2026-49808 entry describes a race condition in the Windows kernel caused by concurrent execution on a shared resource with improper synchronization. An authorized local attacker can elevate privileges, as indicated by the description and CVSS vector (Local attack, High impact to confident...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References1Affected Software4
cve
cve
added 3 days ago35 views

CVE-2026-49798

CVE-2026-49798 is a Windows Kernel use-after-free vulnerability that enables local privilege escalation. The root cause is use-after-free in kernel code, allowing an unauthenticated attacker with local access to elevate privileges. Affected component details are limited in the provided documents;...

9.3CVSS6AI score0.02155EPSS
Exploits0References1Affected Software12
cve
cve
added 3 days ago8 views

CVE-2026-56193

CVE-2026-56193 describes an out-of-bounds read in Microsoft Office that allows a local attacker to disclose information. The available records indicate a high-severity impact (Confidentiality and Availability) with local access and user interaction required, but no explicit details on affected Of...

7.1CVSS6AI score0.00396EPSS
Exploits0References1Affected Software6
cve
cve
added 3 days ago17 views

CVE-2026-54997

Public technical details are not provided in the supplied documents for CVE-2026-54997. No specifics on affected products, versions, root cause, or remediation are available here. Monitor for updates from official sources.

5.5CVSS6AI score0.00306EPSS
Exploits0References1
cve
cve
added 3 days ago11 views

CVE-2026-54996

CVE-2026-54996 describes a race condition in the Windows USB Print Driver caused by concurrent access to a shared resource with improper synchronization. An authorized local attacker could elevate privileges. The entry provides CVSS 3.1 base score 7.0 (High) with local attack vector, high impact ...

7CVSS6.1AI score0.00156EPSS
Exploits0References1
cve
cve
added 3 days ago6 views

CVE-2026-55001

CVE-2026-55001 affects Windows Active Directory / Active Directory Domain Services. The root cause is improper certificate validation within AD, enabling an authorized attacker to achieve local privilege escalation. CVSS 3.1 base score 7.8 (Local, Low complexity, Privileges Required: Low; User In...

7.8CVSS6AI score0.00219EPSS
Exploits0References1
cve
cve
added 3 days ago7 views

CVE-2026-54112

CVE-2026-54112 affects Windows Win32K. The issue is a race condition caused by concurrent execution on a shared resource due to improper synchronization, enabling a locally authenticated user to elevate privileges. The base score is 7.8 (HIGH) with LOCAL attack vector, requiring LOW privileges an...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References1Affected Software9
mscve
mscve
added 3 days ago4 views

Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability

Time-of-check time-of-use toctou race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally...

6.3CVSS6.1AI score0.00159EPSS
Exploits0
mscve
mscve
added 3 days ago8 views

Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00318EPSS
Exploits0
Rows per page
Query Builder