CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-0032 In multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileg... | 7.8 | HIGH | β | 0 |
| CVE-2019-25266 Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attacker... | 7.8 | HIGH | β | 0 |
| CVE-2019-25292 Alps HID Monitor Service 8.1.0.10 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the ... | 7.8 | HIGH | β | 0 |
| CVE-2025-47379 Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources. | 7.8 | HIGH | β | 0 |
| CVE-2025-33233 NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability where an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalat... | 7.8 | HIGH | β | 0 |
| CVE-2020-37098 Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted... | 7.8 | HIGH | β | 0 |
| CVE-2019-25310 ActiveFax Server 6.92 Build 0316 contains an unquoted service path vulnerability in the ActiveFaxServiceNT service that allows local attackers to potentially execute arbitrary code. Attackers can expl... | 7.8 | HIGH | β | 0 |
| CVE-2025-41727 A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access. | 7.8 | HIGH | β | 0 |
| CVE-2025-48503 A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | 7.8 | HIGH | β | 0 |
| CVE-2025-59603 Memory Corruption when processing invalid user address with nonstandard buffer address. | 7.8 | HIGH | β | 0 |
| CVE-2026-25731 calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an eboo... | 7.8 | HIGH | β | 0 |
| CVE-2026-27821 GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in `src/filters/dmx_nhml.c`. The value of the xmlHeaderEnd... | 7.8 | HIGH | β | 0 |
| CVE-2026-29121 International Data Casting (IDC) SFX2100 satellite receiver comes with the `/sbin/ip`Β utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can... | 7.8 | HIGH | β | 0 |
| CVE-2026-0023 In createSessionInternal of PackageInstallerService.java, there is a possible way for an app to update its ownership due to a missing permission check. This could lead to local escalation of privilege... | 7.8 | HIGH | β | 0 |
| CVE-2025-59600 Memory Corruption when adding user-supplied data without checking available buffer space. | 7.8 | HIGH | β | 0 |
| CVE-2025-47386 Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs. | 7.8 | HIGH | β | 0 |
| CVE-2020-37021 10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in s... | 7.8 | HIGH | β | 0 |
| CVE-2020-37020 SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe i... | 7.8 | HIGH | β | 0 |
| CVE-2025-71234 In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add The driver does not set hw->sta_data_size, which causes mac80211 to all... | 7.8 | HIGH | β | 0 |
| CVE-2020-37017 CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary ... | 7.8 | HIGH | β | 0 |
| CVE-2020-37016 BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. Attackers can exploit the unquoted path in... | 7.8 | HIGH | β | 0 |
| CVE-2025-47385 Memory Corruption when accessing trusted execution environment without proper privilege check. | 7.8 | HIGH | β | 0 |
| CVE-2025-47381 Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs. | 7.8 | HIGH | β | 0 |
| CVE-2020-36953 MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted pat... | 7.8 | HIGH | β | 0 |
| CVE-2026-26959 ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below fail to validate the integrity or authenticity of the ADB binary path specified in the ManualAdbPath setting before executi... | 7.8 | HIGH | β | 0 |
| CVE-2026-29123 A SUID root-owned binary in /home/xd/terminal/XDTerminalΒ in International Data Casting (IDC) SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on condit... | 7.8 | HIGH | β | 0 |
| CVE-2020-36952 IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service... | 7.8 | HIGH | β | 0 |
| CVE-2026-29124 Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2Β in International... | 7.8 | HIGH | β | 0 |
| CVE-2026-29126 Incorrect permission assignment (world-writable file) in /etc/udhcpc/default.scriptΒ in International Data Casting (IDC) SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially e... | 7.8 | HIGH | β | 0 |
| CVE-2026-27287 InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An... | 7.8 | HIGH | β | 0 |
| CVE-2026-33851 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in joncampbell123 doslib.This issue affects doslib: before doslib-20250729. | 7.8 | HIGH | β | 0 |
| CVE-2026-23271 In the Linux kernel, the following vulnerability has been resolved: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race Make sure that __perf_event_overflow() runs with IRQs disable... | 7.8 | HIGH | β | 0 |
| CVE-2026-33850 Out-of-bounds Write vulnerability in WujekFoliarz DualSenseY-v2.This issue affects DualSenseY-v2: before 54. | 7.8 | HIGH | β | 0 |
| CVE-2026-32184 Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-23406 In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in match_char() macro usage The match_char() macro evaluates its character parameter multiple times ... | 7.8 | HIGH | β | 0 |
| CVE-2026-23275 In the Linux kernel, the following vulnerability has been resolved: io_uring: ensure ctx->rings is stable for task work flags manipulation If DEFER_TASKRUN | SETUP_TASKRUN is used and task work is a... | 7.8 | HIGH | β | 0 |
| CVE-2026-32183 Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | β | 0 |
| CVE-2025-47390 Memory corruption while preprocessing IOCTL request in JPEG driver. | 7.8 | HIGH | β | 0 |
| CVE-2026-25203 Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1. | 7.8 | HIGH | β | 0 |
| CVE-2026-27284 InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory str... | 7.8 | HIGH | β | 0 |
| CVE-2026-23272 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case that the set is full, a new element gets published... | 7.8 | HIGH | β | 0 |
| CVE-2026-26183 Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-27910 Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-27291 InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... | 7.8 | HIGH | β | 0 |
| CVE-2026-23245 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump pa... | 7.8 | HIGH | β | 0 |
| CVE-2026-4756 Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11. | 7.8 | HIGH | β | 0 |
| CVE-2026-24294 Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-29923 The pstrip64.sys driver in EnTech Taiwan PowerStrip <=3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical mem... | 7.8 | HIGH | β | 0 |
| CVE-2026-21374 Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation. | 7.8 | HIGH | β | 0 |
| CVE-2026-23351 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Und... | 7.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.