Lucene search
K

1732 matches found

NVD
NVD
added 14 hours ago4 views

CVE-2026-20458

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 15 hours ago7 views

CVE-2026-20458

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

Exploits0References1
CVE
CVE
added 15 hours ago7 views

CVE-2026-20458

CVE-2026-20458 affects the Modem with a memory corruption via a missing bounds check. This could enable remote escalation of privilege if a UE connects to a rogue base station, with no extra execution privileges required and no user interaction. Exploitation is described as adjacent access under ...

7.5CVSS6AI score
Exploits0References1
EUVD
EUVD
added 15 hours ago5 views

EUVD-2026-40871

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

7.5CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added yesterday13 views

CVE-2026-14041

Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
Cvelist
Cvelist
added yesterday13 views

CVE-2026-14036

Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
Debian CVE
Debian CVE
added yesterday3 views

CVE-2026-13928

Insufficient validation of untrusted input in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0
Cvelist
Cvelist
added yesterday13 views

CVE-2026-13903

Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
added yesterday5 views

CVE-2026-13903

Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.8AI score
Exploits0References2
Cvelist
Cvelist
added yesterday13 views

CVE-2026-13897

Insufficient policy enforcement in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
Nuclei
Nuclei
added 3 days ago10 views

ZenML ZenML Server - Improper Authentication

ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/usernameorid/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. id: CVE-2024-25723 info:...

8.8CVSS6.9AI score0.70581EPSS
Exploits1References5
Nuclei
Nuclei
added 6 days ago139 views

Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation

Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit users documents with duplicate keysfor 'roles' used for access control within the database, including the special case 'admin' role, th...

10CVSS7.4AI score0.99838EPSS
Exploits21References5
Redos
Redos
added 2026/06/22 12:0 a.m.4 views

ROS-20260622-73-0008

The vulnerability of the WebRender component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

8.8CVSS5.8AI score0.00483EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in the Updater component of Google Chrome prior to version 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation through a malicious file. Chromium security severity: High...

8.8CVSS7.3AI score0.00175EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in python-gevent

A vulnerability in Gevent prior to version 23.9.0 allows a remote attacker to escalate privileges through a crafted script to the WSGIServer component...

9.8CVSS8.3AI score0.01334EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/06/18 2:0 a.m.9 views

SUSE CVE-2026-12448

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.3AI score0.00255EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 1:19 p.m.9 views

CVE-2025-48640

In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8CVSS0.00094EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.38 views

PT-2026-50223

In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8CVSS5.6AI score0.00094EPSS
Exploits0References3
NVD
NVD
added 2026/06/16 8:16 p.m.9 views

CVE-2026-0161

In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00231EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.13 views

CVE-2026-0161

CVE-2026-0161 affects Google Android (Pixel bulletin context) with an out-of-bounds write in RtpSession.cpp due to an integer overflow in numberOfReportBlocks, enabling remote privilege escalation without user interaction. Connected sources (Android Pixel bulletin) flag this as an Elevation of Pr...

8.8CVSS5.8AI score0.00231EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder