386 matches found
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
CVE-2026-11858
Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service. The update service runs as NT AUTHORITY\SYSTEM and exposes a .NET Remoting interface over a named pipe without sufficient access controls or authorization. A local authenticated...
CVE-2026-11858
Quanos SCHEMA ST4 on-premises is affected by a local privilege escalation due to insufficient authorization on the Client Update Service. The service, running as NT AUTHORITY\SYSTEM, exposes a .NET Remoting interface over a named pipe without proper access controls. A local authenticated low-priv...
CVE-2026-11857
The CVE describes a local privilege escalation in Quanos SCHEMA ST4 on-premises, via insecure deserialization in the .NET Remoting endpoint exposed by the Client Update Service. The service uses TypeFilterLevel.Full and binds to local interfaces over named pipes, enabling a local authenticated at...
Windows Server Update Service - Insecure Deserialization
Windows Server Update Service contains an insecure deserialization vulnerability caused by deserialization of untrusted data. An unauthorized attacker with network access can exploit this to execute arbitrary code remotely, potentially leading to full system compromise. id: CVE-2025-59287 info:...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
Security information for Hitachi Disk Array Systems
Overview CVE-2026-0390 | UEFI Secure Boot Security Feature Bypass Vulnerability CVE-2026-20806 | Windows COM Server Information Disclosure Vulnerability CVE-2026-20928 | Windows Recovery Environment Security Feature Bypass Vulnerability CVE-2026-20930 | Windows Management Services Elevation of...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...
Important: Red Hat Security Advisory: rhc security update
An update for rhc is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
EUVD-2026-23197
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-41030
CVE-2026-41030 affects ONLYOFFICE DesktopEditors prior to 9.3.0. The update service can be abused to perform actions on files with SYSTEM privileges, indicating a local privilege escalation. CVSS 3.1: AV=L/AC=L/PR=N/UI=N/S=U, Impact: Confidentiality=NONE, Integrity=NONE, Availability=HIGH. Exploi...
CVE-2026-41030
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
DesktopEditors 安全漏洞
DesktopEditors is an open-source offline office suite developed by ONLYOFFICE, supporting editing of documents, spreadsheets, presentations, and PDFs. Versions of DesktopEditors prior to 9.3.0 contained a security vulnerability. This vulnerability stemmed from defects in the update service, which...
PT-2026-33271
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...
CVE-2026-32224
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
EUVD-2026-22410
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Server Update Service allows an authorized attacker to elevate privileges locally...
EUVD-2026-22376
Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...