219 matches found
CVE-2025-30650 Junos OS: Privileged local user can gain access to a Linux-based FPC as root
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...
CVE-2025-30650
CVE-2025-30650 concerns Junos OS on Linux-based line cards. A Missing Authentication for Critical Function in command processing allows a privileged local user to gain root access to the Linux-based FPC. Affected line cards include: MPC7–MPC11; LC2101/LC2103; LC480/LC4800/LC9600; MX304 (built-in ...
CVE-2025-30650 Junos OS: Privileged local user can gain access to a Linux-based FPC as root
A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...
Juniper Junos OS Vulnerability (JSA107863)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107863 advisory. - A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to...
Himmelblau 安全漏洞
Himmelblau is an open-source Azure Entra ID authentication module developed by Himmelblau. There is a security vulnerability in Himmelblau, which stems from conditional local privilege escalation due to name conflicts in edge scenarios. If the mapped CN or short name matches the name of a...
CVE-2025-22850
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-22850
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-22850
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-20073
CVE-2025-20073 describes an information disclosure vulnerability in the UEFI DXE module for some Intel reference platforms. The issue is caused by improper buffer restrictions, which could allow a local privilege user with high complexity to cause data exposure without user interaction. Impact is...
CVE-2026-22285
Dell Device Management Agent DDMA, versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access...
CVE-2025-27560
Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...
CVE-2025-32467
Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...
CVE-2025-27560
Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...
AMD EPYC 9005 Series 安全漏洞
The AMD EPYC 9005 Series is a series of processors developed by Advanced Microelectronics Devices, Inc. AMD. There are security vulnerabilities in the AMD EPYC 9005 Series. These vulnerabilities stem from improper handling of error conditions during host failures, which may allow privileged local...
PT-2026-7301
Name of the Vulnerable Software and Affected Versions TDX Module versions prior to tdx1.5 Description A race condition exists within the hypervisor in Ring 0 for some TDX Module versions prior to tdx1.5, potentially leading to a denial of service. An authorized adversary with privileged user...
CVE-2026-20982
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege...
EUVD-2026-5393
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege...
CVE-2026-20982
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege...
CVE-2026-20982
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege...
PT-2026-6092
Name of the Vulnerable Software and Affected Versions Adobe ShortcutService versions prior to SMR Feb-2026 Release 1 Description A path traversal issue exists in ShortcutService. A privileged local attacker can create a file with system privileges. Recommendations Update Adobe ShortcutService to...