1528 matches found
MAL-2026-2817 Malicious code in lightweight-charts-4.1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7a7bcf5678b42c2da20ad8e444066092ac3a9c17a6c8867a034717d1d8c344 The package lightweight-charts-4.1 was found to contain malicious code. Source: ossf-package-analysis...
CVE-2026-27917
Use after free in Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys allows an authorized attacker to elevate privileges locally...
EUVD-2026-22461
Use after free in Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys allows an authorized attacker to elevate privileges locally...
CVE-2026-27917
CVE-2026-27917 is a use-after-free vulnerability in the Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) that can elevate privileges locally. Connected documents confirm the issue and its root cause (memory corruption via use-after-free) and indicate that Microsoft released fixes (e.g., K...
CVE-2026-27917 Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability
...
Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability
Use after free in Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys allows an authorized attacker to elevate privileges locally...
LDAP Injection
Overview mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. Affected versions of this package are vulnerable to LDAP Injection through the Ldap authentication handler in mitmproxy/addons/proxyauth.py. An attacker can...
Microsoft Windows 资源管理错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys contains a resource management vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following...
CVE-2026-33784
A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...
CVE-2026-21915
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...
Hardware-Efficient Compound IC Protection with Lightweight Cryptography
Over the years, many techniques have been introduced to protect integrated circuits ICs from hardware security threats that emerged in the globalized IC manufacturing supply chain, such as overproduction and piracy. However, most of these techniques have been rendered inefficient since they do no...
EUVD-2026-21203
A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...
EUVD-2026-21078
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...
CVE-2026-33784 JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access
A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...
CVE-2026-21915 JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...
CVE-2026-21915
The CVE describes a vulnerability in Juniper Networks’ JSI Virtual Lightweight Collector (vLWC). A Permissive List of Allowed Input in the CLI enables local, high-privilege attackers to inject shell commands that run with root permissions, potentially yielding full system control. Affected: all J...
CVE-2026-34578 OPNsense has an LDAP Injection via Unsanitized Username in Authentication
OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldapescape. An unauthenticated attacker can inject LDAP filter metacharacters into the username field ...
Juniper Networks Support Insights Virtual Lightweight Collector 安全漏洞
Juniper Networks Support Insights Virtual Lightweight Collector is a network device telemetry data collection and operational analysis tool developed by Juniper Networks. Versions of Juniper Networks Support Insights Virtual Lightweight Collector prior to version 3.0.94 contained security...
PT-2026-31803
Name of the Vulnerable Software and Affected Versions Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC versions prior to 3.0.94 Description A Use of Default Password issue in Juniper Networks JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based...
Juniper Networks Support Insights Virtual Lightweight Collector 安全漏洞
Juniper Networks Support Insights Virtual Lightweight Collector is a network device telemetry data collection and operational analysis tool developed by Juniper Networks. Versions of Juniper Networks Support Insights Virtual Lightweight Collector prior to version 3.0.94 contained security...