Lucene search
+L

30610 matches found

cve
cve
added yesterday4 views

CVE-2026-40106

Summary: CVE-2026-40106 affects the Windows agent of Wazuh (versions 4.6.0–pre-4.14.5). A heap-based buffer overflow occurs in the syscheck component during registry wildcard expansion. The code allocates a fixed 256-byte heap buffer (OS_SIZE_256); creating a registry subkey of maximum length (25...

4.7CVSS6.1AI score
Exploits0References1
nvd
nvd
added yesterday8 views

CVE-2026-6423

A local privilege escalation vulnerability in ESET Inspect Connector. The vulnerability was caused by improper authentication in an IPC channel...

8.5CVSS0.00116EPSS
Exploits0References1
cvelist
cvelist
added yesterday18 views

CVE-2026-6423 Local privilege escalation via unauthenticated ALPC in ESET Inspect Connector

A local privilege escalation vulnerability in ESET Inspect Connector. The vulnerability was caused by improper authentication in an IPC channel...

8.5CVSS0.00116EPSS
Exploits0References1
euvd
euvd
added yesterday6 views

EUVD-2026-44895

A local privilege escalation vulnerability in ESET Inspect Connector. The vulnerability was caused by improper authentication in an IPC channel...

8.5CVSS6.1AI score0.00116EPSS
Exploits0References1
cve
cve
added yesterday13 views

CVE-2026-6423

CVE-2026-6423 concerns a local privilege escalation in the ESET Inspect Connector caused by improper authentication on an ALPC IPC channel. The CVSS 4.0 vector (AV:L/AC:L/PR:L/UI:N/ATT:N/VC:H/VI:H/SA:N/SI:N/VA:H) yields a base score of 8.5 (HIGH). Reported impact indicates elevated confidentialit...

8.5CVSS6.1AI score0.00116EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago32 views

CVE-2026-14961 CVE-2026-14961

Pegatron Tdelo64.sys exposes a privileged device interface, \.\TdeIo, that fails to properly restrict access to sensitive IOCTL functionality. The driver's IOCTL dispatcher does not validate caller privileges or verify user-supplied kernel memory addresses before performing memory operations. By...

0.00121EPSS
Exploits1References1
rocky
rocky
added 2 days ago5 views

libinput security update

An update is available for libinput. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libinput is a library that handles input devices for display servers and...

9.8CVSS6.1AI score0.00498EPSS
Exploits0
cvelist
cvelist
added 3 days ago35 views

CVE-2026-50130 Pi-hole: Local privilege escalation from `pihole` user to root via `/etc/pihole/logrotate`

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotate. The replacement is laundered to root:root...

8.8CVSS0.00225EPSS
Exploits0References3
redhat
redhat
added 3 days ago5 views

libinput: local privilege escalation via crafted uinput devices

A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...

9.8CVSS6.2AI score0.00498EPSS
Exploits0References5
redhat
redhat
added 3 days ago6 views

Moderate: Red Hat Security Advisory: libinput security update

An update for libinput is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS6.1AI score0.00498EPSS
Exploits0References2
nvd
nvd
added 3 days ago7 views

CVE-2026-50650

Improper control of generation of code 'code injection' in .NET Framework allows an unauthorized attacker to elevate privileges locally...

7.8CVSS0.00285EPSS
Exploits0References1
nvd
nvd
added 3 days ago6 views

CVE-2026-58632

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00296EPSS
Exploits0References1
nvd
nvd
added 3 days ago5 views

CVE-2026-58633

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00313EPSS
Exploits0References1
nvd
nvd
added 3 days ago5 views

CVE-2026-58634

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00289EPSS
Exploits0References1
nvd
nvd
added 3 days ago6 views

CVE-2026-58613

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00325EPSS
Exploits1References2
nvd
nvd
added 3 days ago6 views

CVE-2026-58544

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...

7CVSS0.00234EPSS
Exploits0References1
nvd
nvd
added 3 days ago6 views

CVE-2026-58547

Heap-based buffer overflow in Universal Plug and Play upnp.dll allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00364EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-58538

Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00318EPSS
Exploits0References1
nvd
nvd
added 3 days ago5 views

CVE-2026-58541

Access of resource using incompatible type 'type confusion' in Windows DWM allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00296EPSS
Exploits0References1
nvd
nvd
added 3 days ago9 views

CVE-2026-58537

Use after free in Microsoft NAT Helper Components ipnathlp.dll allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00318EPSS
Exploits0References1
Rows per page
Query Builder