Common Vulnerabilities and Exposures (CVE)

CVE-2025-20105

Mar 12, 2026 03:55:37 UTC

Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local co...

CVE-2026-20046

Mar 12, 2026 03:55:36 UTC

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerabilit...

CVE-2026-20040

Mar 12, 2026 03:55:35 UTC

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient va...

CVE-2026-22248

Mar 12, 2026 03:55:34 UTC

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file an...

CVE-2026-30903

Mar 12, 2026 03:55:33 UTC

External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access.

CVE-2026-30902

Mar 12, 2026 03:55:32 UTC

Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

CVE-2026-30901

Mar 12, 2026 03:55:32 UTC

Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access.

CVE-2026-32229

Mar 12, 2026 03:55:31 UTC

In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled

CVE-2026-30900

Mar 12, 2026 03:55:30 UTC

Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

CVE-2026-0107

Mar 12, 2026 03:55:29 UTC

In gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of privileges due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n...

CVE-2025-36920

Mar 12, 2026 03:55:29 UTC

In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ...

CVE-2026-0110

Mar 12, 2026 03:55:28 UTC

In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0111

Mar 12, 2026 03:55:27 UTC

In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not ne...

CVE-2026-0112

Mar 12, 2026 03:55:27 UTC

In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2026-0113

Mar 12, 2026 03:55:26 UTC

In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not ne...