98 matches found
CVE-2026-21017
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...
EUVD-2026-34796
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...
CVE-2026-21017
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...
CVE-2026-21017
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...
CVE-2026-21017
Technical details (affected product/component, root cause, impact, or fix) are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2026-21017
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...
PT-2026-46914
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...
JLSEC-2026-107 Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag
The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access equivalent to --allow-env, and writing /proc/self/mem may provide access equivalent t...
CVE-2026-21000
Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege...
CVE-2026-2464
Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is...
SUSE CVE-2025-64324
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
CVE-2020-36868 Nagios XI < 5.7.3 Privilege escalation via Insecure getprofile.sh Script
Nagios XI versions prior to 5.7.3 contain a privilege escalation vulnerability in the getprofile.sh helper script. The script performed profile retrieval and initialization routines using insecure file/command handling and insufficient validation of attacker-controlled inputs, and in some...
JLSEC-2025-159 A flaw was found in glib before version 2.63.6
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition...
EUVD-2005-0653
Malware in sbrugna...
EUVD-2019-8363
Malware in sbrugna...
EUVD-2002-1122
Malware in sbrugna...
EUVD-2019-10557
Malware in sbrugna...
EUVD-2021-1691
Malware in sbrugna...
EUVD-2021-7300
Malicious code in bioql PyPI...
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.
...