23 matches found
CVE-2026-11494 TOTOLINK AC1200 T8 vsftpd vsftpd.conf least privilege violation
A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly...
TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...
CVE-2026-45208
Technical details (affected product versions, root cause, exploit paths, and mitigations) are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2026-0924
CVE-2026-0924 affects BuhoCleaner 1.15.2. The Red Hat/NVD notes describe an insecure XPC service that allows local, unprivileged users to escalate privileges to root via insecure functions. The provided documents identify the affected component as the BuhoCleaner XPC service and indicate local pr...
EUVD-2018-15819
Malware in sbrugna...
EUVD-2020-4896
Malware in sbrugna...
EUVD-2020-18358
Malware in sbrugna...
EUVD-2022-34821
Malicious code in bioql PyPI...
EUVD-2022-40319
Malicious code in bioql PyPI...
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability
Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild. Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in...
Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-43093 - A privilege escalation flaw in...
CVE-2024-6871
G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the targ...
MediaTek 芯片安全漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. The MediaTek chips are affected by a security vulnerability that stems from a lack of privilege checking, which can be exploited by an attacker to cause a local privilege escalation. The following products and versio...
The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to gain increased privileges.
The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to increase their privileges...
PT-2020-6995
Name of the Vulnerable Software and Affected Versions EVGA Precision X1 versions through 1.0.6 winring0 project winring0 version 1.2.0 Description The WinRing0.sys and WinRing0x64.sys drivers versions 1.2.0 in EVGA Precision X1 through 1.0.6 contain a flaw that allows local users, including those...
Important: Red Hat Security Advisory: Red Hat CloudForms security, bug fix, and enhancement update
An update is now available for CloudForms Management Engine 5.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Microsoft Windows Win32k Elevation of Privilege Vulnerability (CNVD-2018-10986)
Microsoft Windows is a set of operating systems developed by Microsoft Corporation in the U.S. Windows uses a graphical mode GUI. Microsoft Windows suffers from an elevation of privilege vulnerability. The vulnerability arises because the Win32k component fails to properly handle objects in memor...
CVE-2017-8578
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, ak...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability of the drivers/media/platform/msm/camerav2/sensor/csiphy/msmcsiphy.c component of Qualcomm’s Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating locally, to enhance their privileges through an...
The vulnerability of the Linux operating system, which allows a malicious individual to increase their privileges
A local user can increase their privileges by passing a parameter vcpuid with a high value...