EUVD-2025-210125

Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for vir...

CVE-2026-10847

A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS. An authenticated local user may be able to execute arbitrary code with SYSTEM privileges due to improper handling of executable resolution during the log collection process. Successful exploitatio...

CVE-2025-7064 Freelance Security Lock – Access to Windows OS

Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024...

CVE-2025-7064

ABB Freelance is affected by CVE-2025-7064 with an authentication bypass described as a primary weakness. Affected releases include Freelance through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, and 2024. Metrics show CVSS v3.1: Low impact on confidentiality, High impact on integ...

PT-2026-48661

Name of the Vulnerable Software and Affected Versions Check Point Identity Agent Full for Windows OS affected versions not specified Description A local privilege escalation issue exists where an authenticated local user can execute arbitrary code with SYSTEM privileges. This occurs due to improp...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2026-47291 Overview RCE exploit for CVE-2026-47291 t...

CVE-2026-34335

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2026-44804 Windows DWM Core Library Elevation of Privilege Vulnerability

...

CVE-2026-44813 Windows DWM Core Library Elevation of Privilege Vulnerability

...

EUVD-2026-35727

Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network...

CVE-2026-42980 NT OS Kernel Elevation of Privilege Vulnerability

...

CVE-2026-42907 Windows Shell Information Disclosure Vulnerability

...

CVE-2026-42904

CVE-2026-42904 is a Windows TCP/IP heap-based buffer overflow vulnerability that allows an unauthenticated attacker on an adjacent network to elevate privileges. The issue affects the Windows TCP/IP stack and is identified as a 9.6 (CRITICAL) CVSSv3.1 Base Score with attacker-friendly characteris...

CVE-2026-40404 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

...

PT-2026-47874

Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS affected versions not specified Description A heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally. A heap-based buffer overflow occurs when a program writes more...

PT-2026-48016

Name of the Vulnerable Software and Affected Versions Windows BitLocker affected versions not specified Description A protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature through a physical attack, which can subsequently affect the system...

Microsoft Windows 缓冲区错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows RDP component has a buffer error vulnerability. The following products and versions are affected: Windows 10 Version 1809 for 32-bit systems, Windows 10 Version 1809 for...

Microsoft Windows 安全漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows UEFI. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Windows 11...

CVE-2026-39908 OpenBullet2 0.3.2 NTLMv2 Hash Disclosure via UNC Path Proxy Source

OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...

EUVD-2026-34448

Integer overflow in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...