1976 matches found
CVE-2026-12781
CVE-2026-12781 affects EaseUS Partition Master up to 14.5. The flaw is in the kernel driver epmntdrv.sys, in an unknown function, enabling local, low-privilege access to escalate due to improper access control. Exploitation is publicly available and has been demonstrated as a local-facing vulnera...
EUVD-2026-38146
A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly...
CVE-2026-12781 EaseUS Partition Master Kernel Driver epmntdrv.sys access control
A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly...
EUVD-2026-38143
A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack must be carried out locally. The exploit has been disclosed ...
CVE-2026-12778 AOMEI Partition Assistant Kernel Driver ampa10.sys access control
A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack must be carried out locally. The exploit has been disclosed ...
CVE-2026-12778
The CVE-2026-12778 entry concerns AOMEI Partition Assistant up to version 10.10.1, specifically the kernel driver library ampa10.sys. The vulnerability is described as an improper access control issue in a kernel component, exploitable via a local attack. The description indicates that the exploi...
Siemens Ruggedcom Rox Uncontrolled Recursion (CVE-2019-13103)
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. This plugin only works with Tenable.ot. Please visit...
util-linux: util-linux: heap use-after-free in libblkid nested partition probing
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
CVE-2026-39196
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...
PT-2026-49302
Name of the Vulnerable Software and Affected Versions Vector versions prior to 0.55.0 Description The ClickHouse sink contains a SQL/identifier injection flaw. The software escaped the table identifier but interpolated the database value raw into the INSERT statement, allowing a crafted database...
CVE-2026-39196
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...
CVE-2026-39196
Datadog Vector v0.54.0 contains a SQL injection in the set_uri_query parameter of KeyPartitioner::partition. The vulnerability could allow an attacker to access sensitive database information via crafted SQL statements. Affected component: Vector’s data routing/partition logic (KeyPartitioner::pa...
GreatXML-PoC
GreatXML Reverse-Shell POC A self-contained Python proof-of-c...
SUSE CVE-2026-53701
An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...
CVE-2026-53701
GStreamer: gst-plugins-bad H.266/VVC PPS picture partition parser (gst_h266_parser_parse_picture_partition) contains an out-of-bounds write due to a bound-check omission in the multi-slice-in-tile processing. The loop may write beyond three fixed-size arrays (slice_height_in_ctus, slice_top_left_...
CVE-2026-53701 Gstreamer1-plugins-bad-free: gstreamer: out-of-bounds write in h.266/vvc pps picture partition parser
An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...
CVE-2026-53701
An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
Security researcher Chaotic Eclipse aka Nightmare-Eclipse and MSNightmare has released a new Windows BitLocker bypass dubbed GreatXML , a day after they published an exploit for Microsoft Defender. "This was an accidental discovery, it took a total of 4 hours to find this," the researcher said in...
gst-plugins-bad 缓冲区错误漏洞
gst-plugins-bad is a GStreamer open-source plugin. gst-plugins-bad has a buffer error vulnerability, which stems from the multiple slice processing loop in the gsth266 parser’s gsth266parserparsepicturepartition function. This loop does not check whether the slice index exceeds the boundary. When...
CVE-2026-40290
A flaw was found in OP-TEE Trusted Execution Environment. A local attacker could exploit a user-after-free UAF race condition in the shared memory teardown logic when OP-TEE is configured as a Secure Partition Management Controller SPMC for Secure EL0 S-EL0 Secure Partitions. This vulnerability...