11966 matches found
EUVD-2026-2203
Improper access control in Windows Hyper-V allows an authorized attacker to disclose information locally...
EUVD-2026-2184
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...
EUVD-2026-2188
Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally...
EUVD-2026-2201
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...
EUVD-2026-2185
Access of resource using incompatible type 'type confusion' in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...
EUVD-2026-2196
Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network...
EUVD-2026-2195
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present...
EUVD-2026-2229
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
EUVD-2026-2076
An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute...
EUVD-2026-2224
An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...
EUVD-2026-2231
An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel...
EUVD-2026-2235
An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...
EUVD-2026-2237
An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin...
EUVD-2026-2232
An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections...
EUVD-2026-2219
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...
EUVD-2026-2236
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cutxfilldesc TID getting from ieee80211gettid might be out of range of array size of staentry-tids, so check TID is less than MAXTIDCOUNT. Othwerwise, UBSAN warn: UBSAN:...
EUVD-2026-2213
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix potential UAF in xeoaaddconfigioctl In xeoaaddconfigioctl, we accessed oaconfig-id after dropping metricslock. Since this lock protects the lifetime of oaconfig, an attacker could guess the id and call...
EUVD-2026-2214
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...
EUVD-2026-2225
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fibtableflush is called to flush all the routes that are using the dead nexthop. The...
EUVD-2026-2226
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix the crash issue for zero copy XDPTX action There is a crash issue when running zero copy XDPTX action, the crash log is shown below. 216.122464 Unable to handle kernel paging request at virtual address...