14842 matches found
CVE-2026-49189
CVE-2026-49189 involves unchecked public access permissions on a core Broadcast Receiver, enabling unauthorized local software components to invoke administrative operations. The available documents identify the vulnerable component as a Broadcast Receiver and describe the root cause as permissio...
CVE-2026-49189
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
Micro Focus Operations Bridge Reporter - Remote Code Execution
Micro Focus Operations Bridge Reporter 10.40 is susceptible to remote code execution. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or execute unauthorized operations without entering necessary credentials. id: CVE-2021-22502 info: name: Micro Focus...
CVE-2026-36176
GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...
CVE-2026-36176
GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...
EUVD-2026-34279
GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...
CVE-2026-36176
GNCC GP5 v7.1.76 stores pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext on the serial console. This enables physically proximate attackers to extract active tokens and perform unauthorized operations via the serial UART interface. Root cause: tokens exposed in plaintext to the con...
CVE-2026-22055
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
The CVE concerns Active IQ OneCollect 2.7.3, where hard-coded credentials could allow an authenticated user with LOW privileges to perform unauthorized AutoSupport operations. Root cause: hard-coded credentials. Impact: unauthorized AutoSupport actions with low privileges. The provided documents ...
CVE-2026-22054
CVE-2026-22054 affects Active IQ Config Advisor 6.7.3 and involves hard-coded credentials that could enable an authenticated, low-privilege attacker to perform unauthorized AutoSupport operations. The CVSS vector indicates network access, low attack complexity, and low privileges required with im...
CVE-2026-22054
Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-46251
A flaw was found in the Linux kernel's Btrfs filesystem. When the EXTENTTREEV2 incompatibility flag is enabled, the block group tree's dirty list can become corrupted. This corruption occurs because the block group tree is incorrectly added to a commit list while already being tracked, leading to...
CVE-2026-25259
Memory corruption while processing multiple IOCTL command for escape operations...
CVE-2026-25258
Memory corruption while processing IOCTL calls for escape operations...
Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal - Remote Code Execution
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of GetFileWithoutZip method. The issue results from th...
Linux Distros Unpatched Vulnerability : CVE-2026-46154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Read scxroot under scxcgroupopsrwsem in cgroup setters scxgroupsetweight,idle,bandwidth cache scxroot before acquiring scxcgroupopsrwsem, so the point...
EUVD-2026-33823
Memory corruption while processing IOCTL calls for escape operations...
EUVD-2026-33824
Memory corruption while processing multiple IOCTL command for escape operations...
CVE-2026-25258
Memory corruption while processing IOCTL calls for escape operations...
CVE-2026-25259
Memory corruption while processing multiple IOCTL command for escape operations...