32 matches found
CVE-2026-42368
A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execution of a privileged operation. An attacker can visit a webpage to trigger this vulnerability...
CVE-2026-35359
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the O_NOFOLLOW flag. An attacker with...
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit thi...
Nebim V3 ERP security vulnerability
Nebim V3 ERP is an enterprise resource planning system from Nebim Turkey. A security vulnerability exists in Nebim V3 ERP version 2.0.59 up to and including version 3.0.1, which originates from performing an unnecessarily privileged operation that could result in an extension of operating system...
CVE-2025-31649
A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execution of a privileged operation. An attacker can issue an API call...
CVE-2025-31649
CVE-2025-31649: Dell ControlVault WBDI Driver hard-coded password vulnerability in ControlVault3 prior to 5.15.14.19 and ControlVault3 Plus prior to 6.2.36.47. A specially crafted API call can lead to execution of privileged operations. TALOS confirms vulnerable versions (e.g., 5.14.3.0) and the ...
CVE-2025-31649 Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability
A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execution of a privileged operation. An attacker can issue an API call...
EUVD-2023-25652
Malicious code in bioql PyPI...
kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes
In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes. Currently, load_microcode_amd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...
Linux Distros Unpatched Vulnerability : CVE-2025-21991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes. Currently,...
CVE-2023-21484
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation...
Ribbon Communications Apollo 9608 security vulnerability
Ribbon Communications Apollo 9608 is a Session Border Controller (SBC) from Ribbon Communications, USA, used to protect and manage network traffic for real-time communications such as VoIP. A security vulnerability exists in Ribbon Communications Apollo 9608 version v9.6R3 that originates from...
dde-file-manager security vulnerability
dde-file-manager is an open source file management tool from deepin Technology, China. It has file management functions such as searching, copying, recycling, compressing/uncompressing, viewing file attributes and so on. A security vulnerability exists in dde-file-manager version 6.0.54 and earlier,...
Improper access control
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation...
IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability
Talos Vulnerability Report TALOS-2023-1691: IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability. April 24, 2023. CVE Number: CVE-2023-28528. Summary: An OS command injection vulnerability exists in the invscout setUID binary functionality of IBM Corporation AIX 7.2. A...
VMware vRealize Operations CaSA Improper Privilege Management Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of VMware vRealize Operations. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of CaSA. A crafted administrator command can trigger execution of ...
CVE-2022-27172
A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability...
Hardcoded credentials
A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability...