CVE-2026-10074

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2026-10074 Interinfo｜DreamMaker - Arbitrary File Read

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2026-10074

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2026-44069

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...

Netatalk 数字错误漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.0 to 4.4.2 of Netatalk contain a numerical error vulnerability. This vulnerability stems from an integer underflow in the...

CVE-2026-21012

External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege...

CVE-2026-21012

External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege...

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. These devices include smartphones, tablets, etc. There are security vulnerabilities in Samsung Mobile devices, which stem from improper external control of file names. This vulnerability could...

CVE-2025-30650

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...

CVE-2025-30650 Junos OS: Privileged local user can gain access to a Linux-based FPC as root

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...

CVE-2025-30650

CVE-2025-30650 concerns Junos OS on Linux-based line cards. A Missing Authentication for Critical Function in command processing allows a privileged local user to gain root access to the Linux-based FPC. Affected line cards include: MPC7–MPC11; LC2101/LC2103; LC480/LC4800/LC9600; MX304 (built-in ...

CVE-2025-30650 Junos OS: Privileged local user can gain access to a Linux-based FPC as root

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...

Juniper Junos OS Vulnerability (JSA107863)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107863 advisory. - A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to...

Himmelblau 安全漏洞

Himmelblau is an open-source Azure Entra ID authentication module developed by Himmelblau. There is a security vulnerability in Himmelblau, which stems from conditional local privilege escalation due to name conflicts in edge scenarios. If the mapped CN or short name matches the name of a...

CVE-2025-22850

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-22850

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-22850

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-20073

CVE-2025-20073 describes an information disclosure vulnerability in the UEFI DXE module for some Intel reference platforms. The issue is caused by improper buffer restrictions, which could allow a local privilege user with high complexity to cause data exposure without user interaction. Impact is...

CVE-2026-22285

Dell Device Management Agent DDMA, versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access...

CVE-2025-27560

Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...