307 matches found
CVE-2026-50255
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges...
EUVD-2026-37035
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges...
CVE-2026-50255
CVE-2026-50255 affects Optical Disc Archive Software for Windows (5.5.3 and earlier). The issue is an incorrect default permissions setting that could allow an attacker to execute arbitrary code with SYSTEM privileges. CVSS details indicate local access with high impact to confidentiality, integr...
PT-2026-49612
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges...
EUVD-2026-35551
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally...
PT-2026-47982
Name of the Vulnerable Software and Affected Versions Windows SDK affected versions not specified Description A use after free issue allows an authorized attacker to elevate privileges locally, which can affect the system. Use after free is a memory corruption flaw that occurs when an application...
CVE-2026-20767
Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...
Intel QAT software drivers for Windows 代码问题漏洞
Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a code vulnerability caused by a null pointer...
CVE-2026-34596
Sandboxie-Plus (Windows) prior to v1.17.3 contains a TOCTOU race during addon installation. UpdUtil.exe runs as SYSTEM via SandBoxieSvc, stages updater files in %TEMP%\sandboxie-updater, verifies hashes against the addon manifest, then extracts files.cab and runs config.exe. An unprivileged user ...
CVE-2019-25644 WinMPG Video Convert 9.3.5 Buffer Overflow Local Denial of Service
WinMPG Video Convert 9.3.5 and older versions contain a buffer overflow vulnerability in the registration dialog that allows local attackers to crash the application by supplying oversized input. Attackers can paste a large payload of 6000 bytes into the Name and Registration Code field to trigge...
CVE-2025-10314 Malicious Code Execution Vulnerability in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files EXE or DLLs in the installation directory with specially...
Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows
Overview Mitsubishi small-capacity UPS shutdown software FREQSHIP-mini for Windows provided by Mitsubishi Electric Corporation contains the following vulnerability. Incorrect default permissions CWE-276 - CVE-2025-10314 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this...
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Microsoft on Wednesday announced that it has taken a "coordinated legal action" in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The effort, per the tech giant, is part of a broader law enforcement effort in...
Microsoft Windows SDK < 10.0.26100.7463 Inbox COM Objects (Global Memory) RCE (January 2026)
The version of Microsoft Windows SDK installed on the remote host is prior to 10.0.26100.7463. It is, therefore, affected by a remote code execution vulnerability: - Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. CVE-2026-21219 Note that Nessus has no...
CVE-2021-0106
Incorrect default permissions in the IntelR OptaneTM DC Persistent Memory for Windows software versions before 2.00.00.3842 or 1.00.00.3515 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2024-34028
Uncontrolled search path in some IntelR Graphics Offline Compiler for OpenCLTM Code software for Windows before version 2024.1.0.142, graphics driver 31.0.101.5445 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-23511
A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window opens with SYSTEM...
CVE-2024-39356
NULL pointer dereference in some IntelR PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access...
Google Chrome Security Update (stable-channel-update-for-desktop_17-2025-11) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Intel QAT Windows software code issue vulnerability
Intel QAT Windows software refers to the collection of Intel® Data Protection and Compression Acceleration Technology software components that provide support for the Windows operating system. A code issue vulnerability exists in Intel QAT Windows software that originates from an improper conditi...