Lucene search
+L

8 matches found

Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.13 views

PT-2026-4690

In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00079EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.5 views

PT-2026-4701

Name of the Vulnerable Software and Affected Versions versions prior to 2026-0021 Description A cross-user permission bypass exists due to a confused deputy condition in the hasInteractAcrossUsersFullPermission function within the AppInfoBase.java file. This could allow for local escalation of...

8.4CVSS6.1AI score0.00098EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.14 views

PT-2026-4706

Look at the security patch preview section of https://t.co/ySklSke3uy. These are from the upcoming patch levels: Critical: CVE-2026-0039, CVE-2026-0040, CVE-2026-0041, CVE-2026-0042, CVE-2026-0043, CVE-2026-0044 High: CVE-2025-22424, CVE-2025-22426, CVE-2025-32348, CVE-2025-48561, CVE-2025-48615,...

7.8CVSS6.1AI score0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.11 views

PT-2026-4697

In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.9AI score0.00065EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.13 views

PT-2026-4698

In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.00096EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.20 views

PT-2026-4702

Look at the security patch preview section of https://t.co/ySklSke3uy. These are from the upcoming patch levels: Critical: CVE-2026-0039, CVE-2026-0040, CVE-2026-0041, CVE-2026-0042, CVE-2026-0043, CVE-2026-0044 High: CVE-2025-22424, CVE-2025-22426, CVE-2025-32348, CVE-2025-48561, CVE-2025-48615,...

7.8CVSS6.1AI score0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/23 12:0 a.m.13 views

PT-2025-43503

Name of the Vulnerable Software and Affected Versions SkiaRenderEngine affected versions not specified Description A flaw exists in the drawLayersInternal function within SkiaRenderEngine.cpp that may allow access to the GPU cache, potentially revealing side channel information. This could lead t...

7.4CVSS5.9AI score0.00091EPSS
Exploits0References6
CVE
CVE
added 2025/09/11 3:32 p.m.18 views

CVE-2025-10254

Affected software: Ascensio System SIA OnlyOffice up to 12.7.0. Vulnerable component: SVG Image Handler processing of /Products/Projects/Messages.aspx. Root cause: unknown processing leads to cross-site scripting. Impact: cross-site scripting with remote initiation potential; exploit publicly ava...

5.1CVSS4AI score0.00246EPSS
Exploits0References4
Rows per page
Query Builder