| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain a stored cross-site scripting vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability. Exploitation may lead to information disclosure, session theft, or client-side request forgery. |
| Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handshake can send a PLAY request with an excessively long clock= value to cause the RTSP service to crash. |
| External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally. |
| A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91) allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request. |
| A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted request_key payload to trick the root-owned helper into entering a custom environment (namespace) containing a malicious NSS module. This forces the system to load the attacker's controlled NSS Module and configuration, allowing them to execute arbitrary commands as the root user, elevating their privileges and fully compromising the system. |
| Time-of-check time-of-use (toctou) race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Media allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows USB Print Driver allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Runtime allows an authorized attacker to elevate privileges over a network. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally. |
| Stack-based buffer overflow in Windows Resilient File System (ReFS) allows an unauthorized attacker to execute code locally. |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. |
| Improper authorization in Active Directory Certificate Services (AD CS) allows an authorized attacker to elevate privileges over a network. |
| Integer overflow or wraparound in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally. |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. |