72 matches found
CVE-2026-46072
A flaw was found in the Linux kernel's ntfs3 module. A local attacker, by mounting a specially crafted NTFS New Technology File System image containing truncated run data, could trigger an out-of-bounds heap read. This vulnerability allows for the disclosure of sensitive information from kernel...
CVE-2026-44215 NanaZip: Heap out-of-bounds write in NanaZip UFS directory parser
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of th...
NanaZip 安全漏洞
NanaZip is a compression software open source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained security vulnerabilities. These vulnerabilities stemmed from the GetAllPaths function in the UFS/UFS2 file system image parser, which allowed recursive subdirectories without...
CVE-2026-25166
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally...
EUVD-2026-10629
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally...
CVE-2026-25166
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally...
CVE-2026-25166
CVE-2026-25166 /Windows System Image Manager ADK: A.local, low-privilege, no-user-interaction remote code execution vulnerability with high impact (C/H/I/A) per CVSS 3.1; fix is an official update. Exploitation details are not provided in the document.
CVE-2026-25166
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally...
CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability
...
CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability
...
Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally...
March 10, 2026—KB5079466 (OS Build 28000.1719)
March 10, 2026—KB5079466 OS Build 28000.1719 This security update for Windows 11, version 26H1 KB5079466, includes the latest security improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates, optional...
PT-2026-24293
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally...
EUVD-2018-7265
Malware in sbrugna...
EUVD-2019-2335
Malware in sbrugna...
EUVD-2024-41265
Malicious code in bioql PyPI...
EUVD-2022-42517
Malicious code in bioql PyPI...
EUVD-2024-26440
Malicious code in bioql PyPI...
EulerOS 2.0 SP10 : libblockdev (EulerOS-SA-2025-2102)
According to the versions of the libblockdev packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...
AZL-64190 CVE-2025-6019 affecting package libblockdev 3.2.0-1
A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the "allowactive" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allowactive" user on a syst...