CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-52365 A command injection vulnerability in the szc script of the ccurtsinger/stabilizer repository allows remote attackers to execute arbitrary system commands via unsanitized user input passed to os.system... | 7.8 | HIGH | β | 0 |
| CVE-2026-20423 In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is n... | 7.8 | HIGH | β | 0 |
| CVE-2025-47379 Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources. | 7.8 | HIGH | β | 0 |
| CVE-2026-22163 Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical ... | 7.8 | HIGH | β | 0 |
| CVE-2026-21514 Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally. | 7.8 | HIGH | KEV | 0 |
| CVE-2025-71159 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free warning in btrfs_get_or_create_delayed_node() Previously, btrfs_get_or_create_delayed_node() set the del... | 7.8 | HIGH | β | 0 |
| CVE-2025-71157 In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() Since nldev_deldev() (introduced by commit 060c642b2ab8 ("RD... | 7.8 | HIGH | β | 0 |
| CVE-2026-1442 Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker (or anyone paying attention), the firmware updates may be altered by an ... | 7.8 | HIGH | β | 0 |
| CVE-2025-71156 In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are automatically enabled immediately upon request. Th... | 7.8 | HIGH | β | 0 |
| CVE-2025-71145 In the Linux kernel, the following vulnerability has been resolved: usb: phy: isp1301: fix non-OF device reference imbalance A recent change fixing a device reference leak in a UDC driver introduced... | 7.8 | HIGH | β | 0 |
| CVE-2026-26682 An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component | 7.8 | HIGH | β | 0 |
| CVE-2026-26959 ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below fail to validate the integrity or authenticity of the ADB binary path specified in the ManualAdbPath setting before executi... | 7.8 | HIGH | β | 0 |
| CVE-2026-27821 GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in `src/filters/dmx_nhml.c`. The value of the xmlHeaderEnd... | 7.8 | HIGH | β | 0 |
| CVE-2026-2664 An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an u... | 7.8 | HIGH | β | 0 |
| CVE-2026-23665 Heap-based buffer overflow in Azure Linux Virtual Machines allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-26101 Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request. | 7.8 | HIGH | β | 0 |
| CVE-2026-26102 Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request. | 7.8 | HIGH | β | 0 |
| CVE-2025-11002 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction wit... | 7.8 | HIGH | β | 0 |
| CVE-2026-33156 ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable direc... | 7.8 | HIGH | β | 0 |
| CVE-2025-15595 Privilege escalation via dll hijacking in Inno Setup 6.2.1 and ealier versions. | 7.8 | HIGH | β | 0 |
| CVE-2019-25435 Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data exe... | 7.8 | HIGH | β | 0 |
| CVE-2026-2914 CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs | 7.8 | HIGH | β | 0 |
| CVE-2025-14963 A vulnerability identified in the HX Agent driver file fekern.sysΒ allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Own Vulnerab... | 7.8 | HIGH | β | 0 |
| CVE-2026-27212 Swiper is a free and mobile touch slider with hardware accelerated transitions and native behavior. Versions 6.5.1 through 12.1.1 have a Prototype pollution vulnerability. The vulnerability resides in... | 7.8 | HIGH | β | 0 |
| CVE-2026-23083 In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOU_ATTR_IPPROTO. fou_udp_recv() has the same problem mentioned in the previous patch. If FOU_ATTR_IPPROTO... | 7.8 | HIGH | β | 0 |
| CVE-2026-23092 In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source When simple_write_to_buffer() succeeds, it returns th... | 7.8 | HIGH | β | 0 |
| CVE-2026-27272 Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi... | 7.8 | HIGH | β | 0 |
| CVE-2026-26141 Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-25190 Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-23074 In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root q... | 7.8 | HIGH | β | 0 |
| CVE-2026-25189 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-24018 A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinux 7.2.2 through 7.2.12 may allow a local and unprivileged user to escalate their... | 7.8 | HIGH | β | 0 |
| CVE-2026-23073 In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size The struct ieee80211_vif contains trailing space for vif driv... | 7.8 | HIGH | β | 0 |
| CVE-2021-47869 Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRA_Scheduler service that allows local users to potentially execute arbitrary code. Attackers can place a mali... | 7.8 | HIGH | β | 0 |
| CVE-2020-36983 Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured serv... | 7.8 | HIGH | β | 0 |
| CVE-2020-36982 Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit t... | 7.8 | HIGH | β | 0 |
| CVE-2020-36981 Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path ... | 7.8 | HIGH | β | 0 |
| CVE-2020-36980 SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit t... | 7.8 | HIGH | β | 0 |
| CVE-2020-36979 Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executable... | 7.8 | HIGH | β | 0 |
| CVE-2020-36977 Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can ex... | 7.8 | HIGH | β | 0 |
| CVE-2020-36976 Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can explo... | 7.8 | HIGH | β | 0 |
| CVE-2020-36975 EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers ca... | 7.8 | HIGH | β | 0 |
| CVE-2020-36974 Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit ... | 7.8 | HIGH | β | 0 |
| CVE-2025-33234 NVIDIA runx contains a vulnerability where an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privilege... | 7.8 | HIGH | β | 0 |
| CVE-2026-0648 The vulnerability stems from an incorrect error-checking logic in the CreateCounter()Β function (in threadx/utility/rtos_compatibility_layers/OSEK/tx_osek.c) when handling the return value of osek_get_... | 7.8 | HIGH | β | 0 |
| CVE-2021-47761 MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service executable files in the MariaDB bin directory. Attackers can replace the mysqld.ex... | 7.8 | HIGH | β | 0 |
| CVE-2021-47762 HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquot... | 7.8 | HIGH | β | 0 |
| CVE-2025-41727 A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access. | 7.8 | HIGH | β | 0 |
| CVE-2021-47803 iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges. Attackers can insert a malicious ex... | 7.8 | HIGH | β | 0 |
| CVE-2021-47804 Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious execut... | 7.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.