15881 matches found
CVE-2026-56085
Dell PowerProtect Data Domain is affected by CVE-2026-56085. The description indicates an use of uninitialized resource vulnerability in versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70, with a low-privileged, local attacker potentially caus...
EUVD-2026-41538
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of uninitialized resource vulnerability. A low privileged attacker wi...
CVE-2026-41124
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper limitation of a pathname to a restricted directory 'path...
CVE-2026-41124
Affected product: Dell PowerProtect Data Domain (versions 7.7.1.0–8.6; LTS2026 8.6.1.0–8.6.1.10; LTS2025 8.3.1.0–8.3.1.30; LTS2024 7.13.1.0–7.13.1.70). Vulnerability: Improper restriction of a pathname to a restricted directory (path traversal) allowing a high-privileged, locally authenticated at...
CVE-2026-44268
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect permission Assignment for critical resource vulnerability. A hi...
EUVD-2026-41532
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access 'link following' vulnerabilit...
PT-2026-55579
Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A stack-based buffer overflow exists in the recvmsg function within the bsp/loongson/ls1cdev/libraries/ls1c can.h library of the ls1c CAN Handler component. This issue requires local access to be...
9router has an Incomplete Fix: Local-Only Access Gate Bypass in 9router via Host Header SpoofING
Summary The fix for CVE-2026-46339 unauthenticated RCE via unprotected MCP plugin routes introduced a local-only access gate in src/dashboardGuard.js that restricts spawn-capable routes /api/mcp/, /api/tunnel/, /api/cli-tools/ to loopback requests. The gate determines "local" by inspecting the Ho...
CVE-2026-12167
The Minifilter communication port for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to access privileged driver functionality via a communication interface that lacks appropriate access restrictions...
CVE-2026-41121
Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access 'Link Following’ vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2026-41121
Dell Device Management Agent (DDMA) versions before 26.05 are affected by an Improper Link Resolution Before File Access (Link Following) vulnerability. A low-privilege, local attacker could potentially exploit this to achieve Elevation of Privileges. The CVSS3.1 vector is AV:L/AC:L/PR:L/UI:R/S:U...
EUVD-2025-31187
Open Babel has NULL pointer dereference in CACAO CacaoFormat::SetHilderbrandt...
EUVD-2025-31188
Open Babel has NULL pointer dereference in ChemKinFormat::ReadReactionQualifierLines...
CVE-2025-23350
NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function VF access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device...
SUSE CVE-2026-13757
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
Linux Distros Unpatched Vulnerability : CVE-2026-13851
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary...
EUVD-2025-31199
Open Babel has out-of-bounds write overlapping memcpy in zipstream basicunzipstreambuf::underflow...
CVE-2026-12086
CVE-2026-12086 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy (IDD): versions 7.2 (up to 7.2.3.23), 7.3 (up to 7.3.2.18), 8.0 (up to 8.0.1.13), 8.1 (up to 8.1.2.6), and 8.2 (up to 8.2.1.0) store potentially sensitive information in log files readable by local users. Root cause is insert...
PT-2026-54128
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in WebAppInstalls allows a local attacker to bypass discretionary access control, which is a security mechanism that restricts acce...
PT-2026-54129
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in WebAppInstalls allows a local attacker to bypass discretionary access control, which is a security mechanism that restricts acce...