21711 matches found
powerpc/64s/slb: Fix SLB multihit issue during SLB preload
...
f2fs: fix to avoid updating zero-sized extent in extent cache
...
net: stmmac: fix the crash issue for zero copy XDP_TX action
...
NFSD: NFSv4 file creation neglects setting ACL
...
Avahi has a reachable assertion in lookup_start
...
Avahi has a reachable assertion in lookup_multicast_callback
...
Avahi has a reachable assertion in avahi_wide_area_scan_cache
...
LIBPNG has a heap buffer over-read in png_image_read_direct_scaled (regression from CVE-2025-65018 fix)
...
LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*
...
Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability
...
Azure Core shared client library for Python Remote Code Execution Vulnerability
Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network...
Host Process for Windows Tasks Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...
Microsoft SharePoint Information Disclosure Vulnerability
Server-side request forgery ssrf in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network...
Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
Windows Telephony Service Elevation of Privilege Vulnerability
External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network...
Windows File Explorer Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...
Microsoft Excel Remote Code Execution Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Word Remote Code Execution Vulnerability
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
Microsoft Excel Security Feature Bypass Vulnerability
Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally...
Windows File Explorer Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...
Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an unauthorized attacker to disclose information locally...
Windows NDIS Information Disclosure Vulnerability
Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack...
Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability
Microsoft is aware of vulnerabilities in the third party Motorola Soft Modem drivers that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of smserl64.sys and smserial.sys drivers. The drivers have been removed in the January cumulative...
Windows HTTP.sys Elevation of Privilege Vulnerability
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network...
Microsoft Excel Remote Code Execution Vulnerability
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...
Desktop Window Manager Elevation of Privilege Vulnerability
Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally...
Windows Management Services Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
Windows Management Services Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
NTLM Hash Disclosure Spoofing Vulnerability
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
Windows Management Services Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
Windows Management Services Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability
Use after free in Windows Local Security Authority Subsystem Service LSASS allows an authorized attacker to execute code over a network...
Windows SMB Server Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...
Microsoft SharePoint Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network...
Microsoft SharePoint Server Remote Code Execution Vulnerability
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Windows SMB Server Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
Windows SMB Server Denial of Service Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to deny service over a network...
Windows Management Services Elevation of Privilege Vulnerability
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...
Windows Management Services Elevation of Privilege Vulnerability
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...
Windows Management Services Elevation of Privilege Vulnerability
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...
MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability
Microsoft is aware of vulnerabilities in the third party Agere Soft Modem drivers that ship natively with supported Windows operating systems. This is an announcement of the removal of agrsm64.sys and agrsm.sys drivers. The drivers have been removed in the January 2026 cumulative update. Soft mod...
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally...