Lucene search
K

32026 matches found

Cvelist
Cvelist
added 9 hours ago7 views

CVE-2026-47830 Incorrect Permission Assignment Allows Local Privilege Escalation to SYSTEM via Executable Overwrite

Incorrect Permission Assignment in BOSH.Utils.psm1 in BOSH-Ecosystem bosh-windows-stemcell-builder allows low-privilege authenticated users to overwrite C:\bosh\servicewrapper.exe or C:\bosh\bosh-agent.exe and gain NT AUTHORITY\SYSTEM on the next service restart or reboot. This can lead to full...

8.8CVSS
Exploits0References1
CVE
CVE
added 9 hours ago10 views

CVE-2026-47830

CVE-2026-47830 affects bosh-windows-stemcell-builder (Cloud Foundry Foundation). The issue is Incorrect Permission Assignment in BOSH.Utils.psm1 that lets low-privileged authenticated users overwrite C:\bosh\service_wrapper.exe or C:\bosh\bosh-agent.exe, enabling them to gain NT AUTHORITY\SYSTEM ...

8.8CVSS7.2AI score
Exploits0References1
NVD
NVD
added yesterday7 views

CVE-2026-22927

Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...

7.8CVSS
Exploits0References2
CVE
CVE
added yesterday12 views

CVE-2026-22927

Technical details about CVE-2026-22927 are not publicly available in the provided documents. Monitor for updates from Omnissa and CVE databases.

7.8CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-42242

Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...

7.8CVSS5.9AI score
Exploits0References2
Cvelist
Cvelist
added yesterday22 views

CVE-2026-22927

Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...

7.8CVSS
Exploits0References2
Cvelist
Cvelist
added yesterday25 views

CVE-2026-57239 Foxit PDF Editor/Reader Local Privilege Escalation

The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\SYSTEM...

8.2CVSS0.00113EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-57239

Foxit CVE-2026-57239 is a Local Privilege Escalation in Foxit PDF Editor/Reader where user‑controllable executables can be directly executed by high‑privilege processes, enabling a low‑privilege user to escalate to NT AUTHORITY\SYSTEM. CVSS 3.1 base score 8.2 (HIGH) with LOCAL attack vector, LOW ...

8.2CVSS6AI score0.00113EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-56419

Name of the Vulnerable Software and Affected Versions Omnissa Workspace ONE® Tunnel for Windows affected versions not specified Description A local privilege escalation issue exists that allows a malicious actor with local access to a device to elevate their privileges. Recommendations At the...

7.8CVSS5.9AI score
Exploits0References5
Cloud Foundry
Cloud Foundry
added yesterday4 views

CVE-2026-47830 - Incorrect Permission Assignment Allows Local Privilege Escalation to SYSTEM via Executable Overwrite | Cloud Foundry

High CVSSv4: High 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSSv3: High 8.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Vendor Cloud Foundry Foundation Versions Affected Severity is High unless otherwise noted. bosh-windows-stemcell-builder – All versions prior to...

8.8CVSS6AI score
Exploits0
CVE
CVE
added 2 days ago12 views

CVE-2026-58583

CVE-2026-58583 affects FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, enabling local privilege escalation for a standard user via arbitrary physical memory mapping at \Device\PhysicalMemory. Root cause: memory mapping vulnerability in the driver. Impact: potential elevation of pri...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-42094

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-58583

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago13 views

Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)

Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...

7.8CVSS6.7AI score0.96267EPSS
Exploits228Affected Software1
NVD
NVD
added 2 days ago8 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS0.0017EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

PYSEC-2026-1477 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...

7.3CVSS7.1AI score0.00154EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-42053

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
OSV
OSV
added 2 days ago4 views

RLSA-2026:33731 Moderate: rrdtool security update

The round robin database RRD system stores and displays time-series data, such as network bandwidth, machine-room temperature, and server load average. RRDtool is a high performance data logging and graphing utility, which can be easily integrated with shell scripts, or used to create application...

7.8CVSS6.1AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 3 days ago3 views

OESA-2026-2823 NetworkManager security update

NetworkManager attempts to keep an active network connection available at all times. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using DHCP, NetworkManager is intended to replace default routes, obtain IP addresses from a DHC...

6.7CVSS5.9AI score0.00118EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

OESA-2026-2811 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.CVE-2026-43951 Improper...

6.5CVSS5.9AI score0.00525EPSS
Exploits0References3
Rows per page
Query Builder