Lucene search
K

7170 matches found

RedhatCVE
RedhatCVE
added 2026/06/06 12:43 p.m.16 views

CVE-2026-21027

Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function...

4.8CVSS5.4AI score0.00084EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 p.m.15 views

CVE-2026-21030

Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions...

7.8CVSS5.4AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.11 views

CVE-2026-7832

A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in symlink following. Attacking locally is a requirement. This attack is characterized by high complexity. It is indicated that...

7.3CVSS6.4AI score0.00131EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.9 views

CVE-2026-21010

Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...

7.8CVSS5.4AI score0.00104EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS5.5AI score0.00104EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.11 views

CVE-2026-45222

Summarize versions through 0.14.1, fixed in commit 0cfb0fb, creates the daemon configuration directory and file with default filesystem permissions that may be world-readable on Unix-like systems, allowing local attackers to read bearer tokens and API credentials stored in /.summarize/daemon.json...

6.9CVSS5.5AI score0.00098EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.10 views

CVE-2025-62628

Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution...

7CVSS5.7AI score0.00109EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.11 views

CVE-2026-40951

CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and trigger a denial of service...

6.8CVSS5.5AI score0.00095EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-49135

CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the same host can read...

7.2CVSS5.5AI score0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.10 views

CVE-2026-22676

Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...

8.5CVSS5.7AI score0.00104EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 11:16 a.m.15 views

CVE-2026-21028

Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information...

5.5CVSS0.00093EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 11:16 a.m.10 views

CVE-2026-21027

Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function...

4.8CVSS0.00084EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 11:16 a.m.14 views

CVE-2026-21026

Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information...

6.4CVSS0.00093EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 11:16 a.m.13 views

CVE-2026-21030

Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions...

7.8CVSS0.00094EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 11:16 a.m.14 views

CVE-2026-21017

Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...

5.5CVSS0.00093EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 10:18 a.m.10 views

EUVD-2026-34811

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...

8.5CVSS5.5AI score0.00073EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 10:18 a.m.6 views

CVE-2026-11347

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...

8.5CVSS5.5AI score0.00073EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/05 10:15 a.m.45 views

CVE-2026-21037

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...

6.9CVSS0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 10:15 a.m.8 views

CVE-2026-21037

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...

6.9CVSS5.6AI score0.00105EPSS
Exploits0References2
CVE
CVE
added 2026/06/05 10:15 a.m.26 views

CVE-2026-21037

Samsung Members (pre-5.8.01.5) is affected by improper input validation that enables local attackers to access an arbitrary URL and launch an arbitrary activity with Samsung Members privileges. The root cause is insufficient input validation within the app, leading to privilege escalation on the ...

7.1CVSS5.6AI score0.00105EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder