Cisco Catalyst SD-WAN Controller Authentication Bypass (cisco-sa-sdwan-rpa-EHchtZk)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an...

CVE-2026-2563

A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the function setstcreenendeabledstatus/getstatus of the file /f/service/controlDevice of the component jdcapprpc. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the...

CVE-2026-2562

JingDong JD Cloud Box AX6600 firmware up to 4.5.1.r4533 is affected by CVE-2026-2562 in the jdcweb_rpc/jdcapi path (cast_streen). The vulnerability arises from a manipulated File argument in /jdcapi, enabling remote privilege escalation. The attack is described as remote and publicly disclosed. T...

ROS-20260122-73-0012

A vulnerability in the Google Updater component of the Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges using a specially crafted file...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets that stems from a heap buffer overflow that could lead to remote elevation of privilege...

CVE-2024-27713

An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component...

CVE-2024-27710

An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism...

CVE-2022-20361

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20361

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

HPE OneView Synergy Composer Remote Elevation of Privilege Vulnerability

HPE HPE OneView and HPE Synergy Composer are both products of Hewlett Packard Enterprise HPE, U.S.A. HPE OneView is software that facilitates automated device management for the IT department.HPE Synergy Composer is an IT infrastructure that supports Portfolio and flexible expansion of IT...

HP ThinkPwn UEFI BIOS 'SmmRuntime' Remote Privilege Elevation Vulnerability

HP ThinkPwn UEFI BIOS is a device from Hewlett-Packard HP in the United States. The HP ThinkPwn UEFI BIOS 'SmmRuntime' suffers from a remote elevation of privilege vulnerability that can be exploited by an attacker to execute arbitrary code with elevated privileges and perform unauthorized...