21767 matches found
spufs: fix gang directory lifetimes
...
udp: Fix memory accounting leak.
...
ksmbd: validate zero num_subauth before sub_auth is accessed
...
ksmbd: Fix dangling pointer in krb_authenticate
...
drm/nouveau: prime: fix ttm_bo_delayed_delete oops
...
drm/amd/pm: Prevent division by zero
...
btrfs: fix qgroup reserve leaks in cow_file_range
...
qibfs: fix _another_ leak
...
GNU Binutils objdump debug.c debug_type_samep memory corruption
...
Crossbeam-channel: crossbeam-channel vulnerable to double free on drop
...
Ansible-core: ansible-core user may read/write unauthorized content
...
GNU Binutils ld elflink.c elf_gc_sweep memory corruption
...
Azure Monitor Agent Remote Code Execution Vulnerability
Improper control of generation of code 'code injection' in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network...
Win32k Elevation of Privilege Vulnerability
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...
Windows Connected Devices Platform Service Remote Code Execution Vulnerability
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network...
Windows Print Spooler Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network...
Microsoft PowerPoint Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally...
Microsoft SharePoint Remote Code Execution Vulnerability
Improper control of generation of code 'code injection' in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
Microsoft Office Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
Windows Media Elevation of Privilege Vulnerability
Use after free in Windows Media allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Use after free in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over an adjacent network...
Windows BitLocker Security Feature Bypass Vulnerability
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
Windows Hyper-V Information Disclosure Vulnerability
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network...
Windows Graphics Component Remote Code Execution Vulnerability
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally...
Visual Studio Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in Visual Studio allows an unauthorized attacker to elevate privileges over a network...
Microsoft Teams Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Teams allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Denial of Service Vulnerability
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network...
Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability
Time-of-check time-of-use toctou race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Microsoft SharePoint Server Spoofing Vulnerability
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...
Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...
Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
Microsoft Brokering File System Elevation of Privilege Vulnerability
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
Workspace Broker Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Workspace Broker allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network...
Windows StateRepository API Server file Tampering Vulnerability
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally...
GitHub: CVE-2025-46835 Git File Overwrite Vulnerability
CVE-2025-46835 is regarding a vulnerability in Git GUI where when a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite any writable file. GitHub created this CVE on their behalf...
GitHub: CVE-2025-46334 Git Malicious Shell Vulnerability
CVE-2025-46334 is regarding a vulnerability in Git GUI Windows only where a malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. On Windows, path lookup can find such executables in the worktree. These programs are invoked when the user selects...
GitHub: CVE-2025-27613 Gitk Arguments Vulnerability
CVE-2025-27613 is regarding a vulnerability in Gitk where when a user clones an untrusted repository and runs Gitk without additional command arguments, any writable file can be created and truncated. The option "Support per-file encoding" must have been enabled. The operation "Show origin of thi...
Windows Netlogon Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network...
Microsoft Office Elevation of Privilege Vulnerability
Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally...
Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
Integer overflow or wraparound in Virtual Hard Disk VHDX allows an unauthorized attacker to elevate privileges locally...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Double free in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an unauthorized attacker to elevate privileges locally...
Office Developer Platform Security Feature Bypass Vulnerability
Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally...
Universal Print Management Service Elevation of Privilege Vulnerability
Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally...