Search Results (4158 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-4018 1 Blackberry 3 Qnx Os For Medical, Qnx Os For Safety, Qnx Software Development Platform 2026-07-15 6.4 Medium
TOCTOU Race Condition in specific trace commands of the TraceEvent() system call could allow an attacker with local access and with the PROCMGR_AID_TRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel.
CVE-2026-48572 1 Microsoft 5 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 and 2 more 2026-07-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows App Installer allows an authorized attacker to elevate privileges locally.
CVE-2026-50317 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Operating Systems allows an authorized attacker to elevate privileges locally.
CVE-2026-50321 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-58628 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-15 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Wireless Networking allows an authorized attacker to elevate privileges locally.
CVE-2026-4878 2 Libcap Project, Redhat 18 Libcap, Ai Inference Server, Cost Management and 15 more 2026-07-15 6.7 Medium
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
CVE-2026-50369 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 8.8 High
Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges over a network.
CVE-2026-13882 1 Google 1 Chrome 2026-07-15 9.6 Critical
Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-50673 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 7.8 High
Null pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-49808 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-58608 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 8.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to execute code over a network.
CVE-2026-50458 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7.8 High
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2026-50361 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7.8 High
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2026-50305 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7.8 High
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2026-50672 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-15 7 High
Use after free in Windows NTFS allows an authorized attacker to elevate privileges locally.
CVE-2026-50503 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.
CVE-2026-50457 1 Microsoft 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more 2026-07-15 7.8 High
Use after free in Windows Runtime allows an authorized attacker to elevate privileges locally.
CVE-2026-50452 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-50403 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.
CVE-2026-50348 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an unauthorized attacker to elevate privileges over a network.