CVE-2026-35355 uutils coreutils install Arbitrary File Overwrite via Symlink TOCTOU Race

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file installation. The implementation unlinks an existing destination file and then recreates it using a path-based operation without the OEXCL flag. A local attacker can exploit t...

EUVD-2026-24741

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all...

CVE-2018-25267

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...

CVE-2026-0539

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all...

CVE-2026-0539

Summary: CVE-2026-0539 describes a local privilege escalation in the pcvisit Windows service. The issue arises from incorrect default permissions on the pcvisit service binary, allowing a low-privileged local attacker to replace the binary with arbitrary contents. The service binary runs with SYS...

CVE-2026-0539 Local Privilege Escalation in pcvisit service client

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all...

CVE-2026-28684

A flaw was found in python-dotenv. A local attacker can exploit this by crafting a symbolic link, which the setkey and unsetkey functions in python-dotenv follow when rewriting .env files. This can lead to the overwriting of arbitrary files on the system. Mitigation Mitigation for this issue is...

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

EUVD-2026-24592

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

CVE-2026-6386

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

CVE-2026-6386

CVE-2026-6386: FreeBSD kernels with amd64 shmlargepage handling miss in pmap_pkru_update_range() fail to account for 1GB largepage mappings. An unprivileged user could cause the kernel to treat userspace memory as a page-table page, enabling overwrite of memory otherwise inaccessible. Impact desc...

CVE-2026-6386 Missing large page handling in pmap_pkru_update_range()

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

CVE-2026-6386

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

CVE-2026-6386 Missing large page handling in pmap_pkru_update_range()

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation via the X-Forwarded-Uri header when the --reverse-proxy setting is enabled and either --skip-auth-regex or --skip-auth-route is configured. An attacker can gain unauthorized access to protected routes by spoofing the...

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils, which stems from race conditions during operations across devices. This vulnerability could allow local attackers to redirect writes through symbolic links,...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from kernel subroutines that fail to consider the 1GB large-page mappings created using the shmcreatelargepage interface when updating page table entries. This...

pcvisit service binary 安全漏洞

The pcvisit service binary is a remote support software backend component provided by the German company pcvisit. There is a security vulnerability in the pcvisit service binary. This vulnerability stems from incorrect default permissions, allowing local attackers with low privileges to elevate...

PT-2026-34242

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the kernel's handling of protection keys for address ranges. The subroutine responsible for updating page table entries fails to account for 1GB largepage mappings creat...

PT-2026-34500

A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit thi...