5024 matches found
Genetec Update Service 安全漏洞
The Genetec Update Service is a patch distribution backend component of the American company Genetec. There is a security vulnerability in the Genetec Update Service. This vulnerability stems from the possibility of local administrators leaking information from the configuration page, which could...
CVE-2026-22267
Dell PowerProtect Data Manager, versions prior to 19.22, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2025-33249
NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...
CVE-2026-22267
Dell PowerProtect Data Manager, versions prior to 19.22, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2026-26119
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network...
PT-2026-20779
Dell PowerProtect Data Manager, versions prior to 19.22, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
Security Updates for Microsoft Word Products C2R (February 2026)
The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2026-21514 - An information disclosure vulnerability. An attacker can exploit...
CVE-2026-23857
Dell Update Package DUP Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2026-23856
Dell iDRAC Service Module iSM for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service Module iSM for Linux, versions prior to 5.4.1.1, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to...
PT-2026-7810
Dell iDRAC Service Module iSM for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service Module iSM for Linux, versions prior to 5.4.1.1, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to...
PT-2026-7915
Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability. A root-executed diagnostic script creates and writes files in /tmp without enforcing secure...
CVE-2026-21238
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Rockwell Automation Studio 5000 Logix Designer Code Issue Vulnerability
Rockwell Automation Studio 5000 Logix Designer is a Windows-based application from Rockwell Automation, Inc. It is used to build programs for PLCs. A code issue vulnerability exists in Rockwell Automation Studio 5000 Logix Designer, which stems from an unquoted service path in FactoryTalk...
CVE-2026-21259
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally...
CVE-2026-21241
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-21234
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally...
CVE-2026-21231
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-21238
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-21250 Windows HTTP.sys Elevation of Privilege Vulnerability
...
CVE-2026-21522
Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...