Lucene search
K
PtsecurityRecent

185797 matches found

Positive Technologies
Positive Technologies
•added 5 hours ago•5 views

PT-2026-58877

Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On...

8.5CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 5 hours ago•5 views

PT-2026-58876

Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in...

7.2CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 5 hours ago•7 views

PT-2026-58866

An information disclosure vulnerability was identified in TP-Link Kasa EC70 v4 and EC71 v4 in the local discovery mechanism, which exposes sensitive geolocation information without requiring authentication. This issue allows an attacker on the same local network to retrieve geolocation-related da...

5.3CVSS6.1AI score
Exploits0References6
Positive Technologies
Positive Technologies
•added 5 hours ago•6 views

PT-2026-58871

Improper Neutralization of Special Elements used in an SQL Command "SQL Injection" in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the ' ...

5.9CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 5 hours ago•4 views

PT-2026-58874

Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protection...

8.4CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 5 hours ago•5 views

PT-2026-58875

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...

5.6CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 5 hours ago•5 views

PT-2026-58873

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...

8.2CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 5 hours ago•9 views

PT-2026-58867

Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices. An attacker with access to the firmware image can extract the embedded key. Successful exploitation may allow an unauthenticated attacker on the same...

8.6CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
•added 5 hours ago•6 views

PT-2026-58872

An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middleMITM user to make the router download and execute arbitrary command via a spoofed server. Refer to the ' Security Update for ASUS Router Firmware '...

9.5CVSS6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58508

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58581

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...

5.5CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58441

Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally...

7.1CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58452

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...

8.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58233

Heap-based buffer overflow in Windows Overlay Filter allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58217

Exposure of sensitive information to an unauthorized actor in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•5 views

PT-2026-58467

Use after free in Windows Graphics Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•6 views

PT-2026-58830

CAI Content Credentials is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue requires user interaction in that a victim must...

7.4CVSS6.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•5 views

PT-2026-58471

Off-by-one error in Windows Remote Desktop Protocol allows an unauthorized attacker to disclose information over a network...

6.5CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58393

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Media allows an authorized attacker to elevate privileges over a network...

7.5CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•5 views

PT-2026-58133

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to execute code over a network...

9.6CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58562

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58249

Heap-based buffer overflow in Microsoft Exchange Server allows an authorized attacker to execute code over a network...

8.8CVSS6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58336

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an unauthorized attacker to elevate privileges over a network...

7CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•5 views

PT-2026-58666

Uncontrolled resource consumption in Windows DHCP Server allows an unauthorized attacker to deny service over a network...

7.5CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58230

Heap-based buffer overflow in Windows Kernel allows an unauthorized attacker to elevate privileges with a physical attack...

6.8CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58464

Use after free in Windows Installer allows an authorized attacker to elevate privileges locally...

7CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58202

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Windows App Store allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58540

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...

5.5CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•6 views

PT-2026-58626

Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network...

8.8CVSS6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58234

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...

6.1CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•7 views

PT-2026-58484

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally...

7.8CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58687

Audition is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•8 views

PT-2026-58663

Improper access control in Microsoft 365 Copilot for iOS allows an unauthorized attacker to elevate privileges over a network...

8.1CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58157

Improperly implemented security check for standard in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

7.8CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58358

Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network...

6.5CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58549

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•5 views

PT-2026-58600

Integer overflow or wraparound in Windows NTFS allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58370

Access of resource using incompatible type 'type confusion' in Windows Kernel allows an authorized attacker to elevate privileges locally...

7CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58521

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•5 views

PT-2026-58135

Use after free in Windows App Installer allows an authorized attacker to elevate privileges locally...

7CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58457

Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information locally...

5.5CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58516

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58265

Untrusted search path in Microsoft XML allows an unauthorized attacker to bypass a security feature with a physical attack...

6.4CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•5 views

PT-2026-58524

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58548

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•5 views

PT-2026-58528

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...

5.5CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58494

Use after free in Windows NTFS allows an authorized attacker to elevate privileges locally...

7CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58583

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58328

Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally...

5.5CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added yesterday•4 views

PT-2026-58703

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS6.1AI score
Exploits0References2
Total number of security vulnerabilities185797