CVE-2026-41156

CVE-2026-41156 concerns GPU DDK where a CPU-thread driver frees a memory page used by a GPU firmware thread, causing a write-after-free (UAF) due to the GPU still accessing the resource. The issue references a SYNC_PRIMITIVE_BLOCK firmware address without holding a reference in the kernelfirmware...

CVE-2025-66513 Nextcloud Tables app share information not limited to relevant users

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.9, 0.9.6, and 1.0.1, the information which table numeric ID is shared with which groups or users and the respective permissions was not limited to privileged users. This vulnerability is fixed in 0.8.9,...

PT-2025-36972

Name of the Vulnerable Software and Affected Versions: NVIDIA NVDebug tool affected versions not specified Description: The NVIDIA NVDebug tool contains an issue that may allow an attacker to execute code on the platform host as a non-privileged user. A successful exploit may lead to code...

CVE-2025-55741

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intend...

PT-2023-14632 · Unknown · Livebox Collaboration Vdesk

Name of the Vulnerable Software and Affected Versions: LIVEBOX Collaboration vDesk versions through v018 Description: An issue exists due to Broken Access Control under the "/api/v1/vdesk DOMAIN/export" endpoint. A malicious user, authenticated to the product without any specific privilege, can u...

SUSE CVE-2016-10124

An issue was discovered in Linux Containers LXC before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the container...

SUSE CVE-2017-1000199

tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handlerqcow.so resulting in non-privileged users being able to check for existence of any file with root privileges...

CVE-2021-36286

Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by anynon-privileged user under some object...

Arbitrary file deletion

Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by anynon-privileged user under some object...

Oracle Database Server CVE-2020-2510 Remote Security Vulnerability

Description Oracle Database Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'OracleNet' protocol. The 'Core RDBMS' component is affected. This vulnerability affects the following supported versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c...

Oracle Database Server CVE-2020-2518 Remote Security Vulnerability

Description Oracle Database Server is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. The 'Java VM' component is affected. This vulnerability affects the following supported versions: 11.2.0.4, 18c and 19c. Technologies Affected Oracle Databas...

Oracle Hospitality OPERA 5 CVE-2020-2677 Remote Security Vulnerability

Description Oracle Hospitality OPERA 5 is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Login' component is affected. This vulnerability affects the following supported versions: 5.5, 5.6 Technologies Affected Oracle Hospitality OPERA ...

Oracle Siebel CRM Cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Siebel CRM is prone to multiple remote security vulnerabilities. These vulnerabilities affect the 'EAI' and 'SWSE Server' components and can be exploited over the 'HTTP' protocol. These vulnerabilities affect the following supported versions: 19.10 and prior Technologies Affect...

Microsoft Windows Search Indexer CVE-2020-0625 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

SAP Basis Automated Note Search Tool CVE-2020-6307 Remote Authorization Bypass Vulnerability

Description SAP Basis is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP Automated Note Search Tool SAP Basis 7.00 SAP Basis 7.01 SAP Basis 7.0...

Oracle Application Testing Suite CVE-2020-2673 Remote Security Vulnerability

Description Oracle Application Testing Suite is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Oracle Flow Builder' component is affected. This vulnerability affects the following supported versions: 12.5.0.3, 13.1.0.1, 13.2.0.1, 13.3.0...

Oracle Outside In Technology Multiple Remote Security Vulnerabilities

Description Oracle Outside In Technology is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Outside In Filters' component is affected. These vulnerabilities affect the following supported versions: 8.5.4 Technologies Affecte...

Oracle Java SE CVE-2020-2585 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'JavaFX' component. This vulnerability affects the following supported versions: Java SE: 8u241 Technologies Affected Oracle JDKLinux Producti...

Microsoft Windows Search Indexer CVE-2020-0633 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Oracle Database Server CVE-2020-2731 Local Security Vulnerability

Description Oracle Database Server is prone to a local security vulnerability. The vulnerability can be exploited over the 'Local Logon' protocol. The 'Core RDBMS' component is affected. This vulnerability affects the following supported versions: 12.1.0.2, 12.2.0.1, 18c and 19c Technologies...