37 matches found
EUVD-2026-21418
Vikunja vulnerable to Privilege Escalation via Project Reparenting...
CVE-2026-21418
creationtimestamp| type| source
---|---|---
2026-01-30 09:19:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdmxwmpqyk2c
2026-01-30 09:24:10+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115983322324650716
2026-01-30 10:00:38+00:00| seen|...
CVE-2026-21418
Dell Unity, versions 5.5.2 and prior, contains an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root...
Linux Distros Unpatched Vulnerability : CVE-2022-21418
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit...
CVE-2023-21418
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allow for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact...
CVE-2021-21418
psemailsubscription is a newsletter subscription module for the PrestaShop platform. An employee can inject JavaScript in the newsletter condition field that will then be executed on the front office. The issue has been fixed in 2.6.1...
CVE-2025-21418
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability...
Microsoft Patch Tuesday, February 2025 Edition
Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive an update this month for a buffer overflow...
CVE-2025-21418 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
CVE-2025-21418 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
CVE-2025-21418
CVE-2025-21418 is a heap-based buffer overflow in the Windows Ancillary Function Driver for WinSock that enables local privilege escalation to SYSTEM. Affected: Windows components exposed to local attack surface; exploitability is local with low attack complexity and no user interaction. Public r...
CVE-2025-21418
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Recent assessments: Assessed Attacker Value: 0...
CVE-2024-6146
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6146
CVE-2024-6146 concerns Actiontec WCB6200Q with a stack-based buffer overflow in the HTTP server function responsible for handling postdata with upload (uh_get_postdata_withupload). The flaw arises from insufficient validation of user-supplied data length before copying into a fixed-length stack-b...
CVE-2024-21418
creationtimestamp| type| source
---|---|---
2024-03-12 20:21:57+00:00| seen| https://t.me/ctinow/206093...
CVE-2024-21418
Software for Open Networking in the Cloud SONiC Elevation of Privilege Vulnerability...
CVE-2024-21418
CVE-2024-21418 affects Software for Open Networking in the Cloud (SONiC). Public docs indicate an Elevation of Privilege vulnerability in SONiC components with affected versions including 201811, 201911, 202012, and 202205. Root cause details are not fully disclosed in the provided materials, but...
CVE-2023-21418
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allow for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact...
CVE-2023-21418
AXIS OS vulnerability CVE-2023-21418 affects the VAPIX API irissetup.cgi, where path traversal could delete files. Exploitation requires authentication with an operator- or administrator-privileged service account, with impact higher on administrator privileges and lower on operator accounts (non...