1024 matches found
CVE-2026-50299
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to execute code with a physical attack...
CVE-2026-49168
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to elevate privileges with a physical attack...
CVE-2026-50299 Windows Storage Spaces Direct Remote Code Execution Vulnerability
...
CVE-2026-50299
The CVE-2026-50299 entry describes an integer overflow/wraparound in Windows Storage Spaces Direct. Affected component: Storage Spaces Direct (Windows). Root cause: integer overflow allowing an unauthorized attacker to execute code. Impact: code execution with a physical attack vector; CVSS vecto...
CVE-2026-49168
CVE-2026-49168 is an elevation-of-privilege vulnerability in Windows Storage Spaces Direct caused by an integer overflow/wraparound. The issue, exploitable with physical access, allows an unauthenticated attacker to gain high-impact effects (confidentiality, integrity, and availability). CVSSv3.1...
Windows Storage Spaces Direct Remote Code Execution Vulnerability
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to execute code with a physical attack...
PT-2026-58187
Name of the Vulnerable Software and Affected Versions Windows Storage Spaces Direct affected versions not specified Description An integer overflow or wraparound issue exists in Windows Storage Spaces Direct. This flaw allows an unauthorized attacker with physical access to the system to execute...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.29.0 Release.
Red Hat OpenShift Dev Spaces 3.29.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.29 release is based on...
CVE-2026-15036 Harness gitspaces Endpoint list_all.go getAuthorizedSpaces authorization
A vulnerability was determined in Harness up to 2.28.2. This vulnerability affects the function getAuthorizedSpaces of the file app/api/controller/gitspace/listall.go of the component gitspaces Endpoint. Executing a manipulation can lead to authorization bypass. The attack can be executed remotel...
CVE-2026-12856
A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code. The extension incorrectly trusts all Markdown content in JavaDoc hovers, allowing a malicious Java file to include hidden commands. If a user clicks a specially crafted link within a JavaDo...
PYSEC-2026-345 Gradio allows users to access arbitrary files
Impact This vulnerability allows users of Gradio applications that have a public link such as on Hugging Face Spaces to access files on the machine hosting the Gradio application. This involves intercepting and modifying the network requests made by the Gradio app to the server. Patches Yes, the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclamation The new inode function returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, allowing allocations in that address space to...
CVE-2016-20089
Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When installed from directories containing spaces, attackers can place malicious executables in the path to be...
PT-2026-50907
Name of the Vulnerable Software and Affected Versions Iperius Remote version 1.7.0 Description An unquoted service path issue exists where the service installation path is not enclosed in quotes. This allows local users to execute arbitrary code with SYSTEM privileges. If the software is installe...
CVE-2026-41155
The CVE-2026-41155 entry describes a vulnerability in GPU DDK where shared secure memory allocations are mapped into all GPU virtual address spaces, enabling cooperative data transfer between secure GPU processes and potential disruption of others, causing image corruption or GPU hardware recover...
Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps
The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance...
undertow: Undertow: Request Smuggling via Malformed HTTP Request Headers
A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...
undertow: Undertow: Request Smuggling via Malformed HTTP Request Headers
A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.28.2 Release.
Red Hat OpenShift Dev Spaces 3.28.2 has been released. This release provides security fixes for Dev Spaces components. https://access.redhat.com/support/policy/updates/openshiftcrw...
Updated xdg-dbus-proxy packages fix security vulnerability
A policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases...