Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2026-21509 Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally. | 7.8 | HIGH | KEV | 0 |
| CVE-2026-30900 Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | 7.8 | HIGH | — | 0 |
| CVE-2016-20033 Wowza Streaming Engine 4.5.0 contains a local privilege escalation vulnerability that allows authenticated users to escalate privileges by replacing executable files due to improper file permissions g... | 7.8 | HIGH | — | 0 |
| CVE-2017-20218 Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the... | 7.8 | HIGH | — | 0 |
| CVE-2026-27940 llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl() in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Usi... | 7.8 | HIGH | — | 0 |
| CVE-2026-32711 pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set... | 7.8 | HIGH | — | 0 |
| CVE-2026-33298 llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a G... | 7.8 | HIGH | — | 0 |
| CVE-2026-32708 PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh pub... | 7.8 | HIGH | — | 0 |
| CVE-2026-21385 Memory corruption while using alignments for memory allocation. | 7.8 | HIGH | KEV | 0 |
| CVE-2026-3476 A Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026 could allow an attacker to execute arbitrary code on the user's machine while opening a specially cra... | 7.8 | HIGH | — | 0 |
| CVE-2026-23554 The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications done under the same locked region only issue a si... | 7.8 | HIGH | — | 0 |
| CVE-2019-25612 Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload ... | 7.8 | HIGH | — | 0 |
| CVE-2026-3989 SGLangs `replay_request_dump.py` contains an insecure pickle.load() without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will... | 7.8 | HIGH | — | 0 |
| CVE-2025-69783 A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthori... | 7.8 | HIGH | — | 0 |
| CVE-2026-23665 Heap-based buffer overflow in Azure Linux Virtual Machines allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-23862 Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local... | 7.8 | HIGH | — | 0 |
| CVE-2026-33150 libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a use-after-free vulnerability in the io_uring subsystem of libfuse allows a local attacker to ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21514 Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally. | 7.8 | HIGH | KEV | 0 |
| CVE-2026-22163 Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical ... | 7.8 | HIGH | — | 0 |
| CVE-2026-3888 Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up thi... | 7.8 | HIGH | — | 0 |
| CVE-2025-64301 An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out‑of‑bounds ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21519 Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | KEV | 0 |
| CVE-2025-66342 A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerability, which can lead to memory corruption and result in arbitra... | 7.8 | HIGH | — | 0 |
| CVE-2026-0957 There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code e... | 7.8 | HIGH | — | 0 |
| CVE-2026-4295 Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted proj... | 7.8 | HIGH | — | 0 |
| CVE-2026-0956 There is a memory corruption vulnerability due to an out-of-bounds read when loading a corrupted file in Digilent DASYLab. This vulnerability may result in information disclosure or arbitrary code ex... | 7.8 | HIGH | — | 0 |
| CVE-2026-21298 Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of... | 7.8 | HIGH | — | 0 |
| CVE-2026-21307 Substance3D - Designer versions 15.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... | 7.8 | HIGH | — | 0 |
| CVE-2025-68968 Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function. | 7.8 | HIGH | — | 0 |
| CVE-2025-15371 A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation w... | 7.8 | HIGH | — | 0 |
| CVE-2025-47343 Memory corruption while processing a video session to set video parameters. | 7.8 | HIGH | — | 0 |
| CVE-2026-20924 Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20923 Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20940 Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20938 Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20840 Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20976 Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script. | 7.8 | HIGH | — | 0 |
| CVE-2026-20816 Time-of-check time-of-use (toctou) race condition in Windows Installer allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20970 Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs. | 7.8 | HIGH | — | 0 |
| CVE-2026-20837 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20957 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20956 Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20955 Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20971 Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code. | 7.8 | HIGH | — | 0 |
| CVE-2025-12771 IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. | 7.8 | HIGH | — | 0 |
| CVE-2026-20951 Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20950 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20817 Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20949 Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-20948 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.