EUVD-2026-9245

In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48623

In initpkvmhypvcpu of pkvm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-432548852

In WAVESsenddatatodsp of libaocwaves.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-3275)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may...

kernel: nf_tables: use-after-free in nft_chain_lookup_byid()

A use-after-free flaw was found in the Linux kernel's Netfilter module in net/netfilter/nftablesapi.c in nftchainlookupbyid. This flaw allows a local attacker to cause a local privilege escalation issue due to a missing cleanup...

CVE-2023-21175

In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

SUSE CVE-2018-9385

In driveroverridestore of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android I...

UBUNTU-CVE-2022-20572

In veritytarget of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20040

In powerhalmanagerservice, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219150; Issue ID: ALPS06219150...

Pulse Secure Client For Windows Local Privilege Escalation Vulnerability

Red Timmy Sec has discovered that Pulse Secure Client for Windows suffers from a local privilege escalation vulnerability in the PulseSecureService.exe service. Pulse Secure is recognized among the top 10 Network Access Control NAC vendors by global revenue market share. The company declares that...

CVE-2020-0105

In onKeyguardVisibilityChanged of keystoreservice.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the screen is locked, with no additional execution privileges needed. User interaction is not needed for...

CVE-2016-10120

Firejail uses 0777 permissions when mounting 1 /dev, 2 /dev/shm, 3 /var/tmp, or 4 /var/lock, which allows local users to gain privileges...