1984 matches found
CVE-2026-11889
CVE-2026-11889 concerns SALTO ProAccess Space software with the tenancy/partition feature. The issue enables privilege escalation that could let an authenticated attacker access any space managed by the affected installation. Exploitation requires valid authenticated operator credentials and the ...
CVE-2026-11889 SALTO ProAccess Space Authorization Bypass Through User-Controlled Key
SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...
SALTO ProAccess Space
ADVISORY SUMMARY Successful exploitation of this vulnerability allows an authenticated attacker to escalate privileges and access spaces outside their assigned partition, within the same Salto ProAccess Space installation or system. Exploitation requires valid authenticated operator credentials...
CVE-2026-15475
A weakness has been identified in MiniTool Partition Wizard up to 13.6. The affected element is an unknown function in the library pwdrvio.sys of the component Signed Kernel Driver. This manipulation causes improper access controls. The attack can only be executed locally. The exploit has been ma...
EUVD-2026-43197
A weakness has been identified in MiniTool Partition Wizard up to 13.6. The affected element is an unknown function in the library pwdrvio.sys of the component Signed Kernel Driver. This manipulation causes improper access controls. The attack can only be executed locally. The exploit has been ma...
CVE-2026-15475 MiniTool Partition Wizard Signed Kernel Driver pwdrvio.sys access control
A weakness has been identified in MiniTool Partition Wizard up to 13.6. The affected element is an unknown function in the library pwdrvio.sys of the component Signed Kernel Driver. This manipulation causes improper access controls. The attack can only be executed locally. The exploit has been ma...
CVE-2026-15475
Summary: CVE-2026-15475 affects MiniTool Partition Wizard (up to v13.6), specifically the Signed Kernel Driver pwdrvio.sys. A manipulation of an unknown function in pwdrvio.sys leads to improper access controls. The attack is local. Publicly available exploit suggests potential use in attacks. A ...
OESA-2026-2886 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw point...
OESA-2026-2885 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw point...
OESA-2026-2884 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw point...
OESA-2026-2883 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw point...
CVE-2026-49098
A flaw was found in the Apache Camel Kafka Component. A remote attacker can exploit an improper input validation vulnerability by manipulating specific Kafka headers, such as kafka.OVERRIDETOPIC, when an HTTP consumer bridges into a Kafka producer. This allows the attacker to redirect messages to...
PYSEC-2026-1145 Apache Airflow Common SQL Provider Vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Airflow Common SQL Provider. When using the partition clause in SQLTableCheckOperator as parameter which was a recommended pattern, Authenticated UI User could inject arbitrary SQL command...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare CVE-2026-43303 In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl CVE-2026-43492 In...
CVE-2026-6684
FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...
EUVD-2026-40994
FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...
CVE-2026-6684
FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...
Util-linux: util-linux: heap use-after-free in libblkid nested partition probing
...
PT-2026-54926
Name of the Vulnerable Software and Affected Versions FatFs versions prior to R0.16 Description An issue exists when using GPT scanning with FF LBA64 = 1 where an unbounded loop count is derived from the GPT header field GPTH PtNum. This can lead to extremely long or effectively infinite scans...
Linux Distros Unpatched Vulnerability : CVE-2026-13595
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw...