Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP. In versions prior to 2.7.0, NT LAN Manager NTLM authentication does not properly abort when someone provides an empty password value. This issue affects FreeRDP-based RDP Server implementations. RDP clients are not affected. The...

CVE-2026-6517

Mattermost Desktop App (versions

CVE-2026-6517 Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

GHSA-7QMG-GRCP-QF25 GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page

Summary A vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web page and create files containing the master password in plaintext. The provided file name must be an absolute path to t...

CVE-2026-42980

Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...

EUVD-2026-35529

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-50508

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-45636

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally...

CVE-2026-42916

Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...

EUVD-2026-35600

Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...

EUVD-2026-35598

Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-42980 NT OS Kernel Elevation of Privilege Vulnerability

...

NT OS Kernel Elevation of Privilege Vulnerability

Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...

Microsoft Windows NT OS Kernel 缓冲区错误漏洞

The Microsoft Windows NT OS Kernel is the core of the Windows operating system developed by Microsoft Corporation. It is responsible for managing system resources, providing hardware abstraction, and ensuring system security and stability. There are security vulnerabilities in the Microsoft Windo...

PT-2026-47895

Name of the Vulnerable Software and Affected Versions Windows NT OS Kernel affected versions not specified Description An integer underflow wrap or wraparound in the kernel allows an authorized attacker to elevate privileges locally. This issue can be used as a post-breach maneuver to gain full...

CVE-2021-4481

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execu...

CVE-2021-4481

CVE-2021-4481 involves Dräger Protector Software, prior to version 6.4.2, which has a local privilege escalation vulnerability caused by insecure file system permissions. According to the connected records, this allows local attackers to replace binaries or loaded modules on the host and execute ...

CVE-2021-4480

CVE-2021-4480 affects Dräger Protector Software prior to version 6.4.2. The issue is a local privilege escalation caused by insecure file system permissions that allow a local attacker to replace binaries or loaded modules and execute code with NT SYSTEM privileges. The description does not speci...

CVE-2026-8993

D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...

PT-2026-45860

Name of the Vulnerable Software and Affected Versions Dräger Protector Software versions prior to 6.4.2 Description Insecure file system permissions allow local attackers to execute arbitrary code with elevated privileges. This is achieved by replacing binaries or loaded modules on the host syste...