CVE-2026-22267

Dell PowerProtect Data Manager, versions prior to 19.22, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...

PT-2026-4345

Name of the Vulnerable Software and Affected Versions Dell ECS versions 3.8.1.0 through 3.8.1.7 Dell ObjectScale versions prior to 4.2.0.0 Description The issue concerns the use of default credentials within the Dell ECS and Dell ObjectScale operating system. A low-privileged attacker with remote...

Google Android 安全漏洞

Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from a pre-condition check failure vulnerability that can be exploited by an attacker to cause a remote elevation of privilege...

EUVD-2017-4693

Malware in sbrugna...

PT-2023-8588 · Hardy Barth · Hardy Barth Cph2 Echarge Ladestation

Name of the Vulnerable Software and Affected Versions: Hardy Barth cPH2 eCharge Ladestation versions 1.87.0 and earlier Description: The issue is related to errors in privilege management in the web application of the Hardy Barth cPH2 eCharge Ladestation. Exploitation of this issue may allow a...

PT-2023-8579 · Opentext · Opentext Fortify Scancentral Dast

Name of the Vulnerable Software and Affected Versions: opentext Fortify ScanCentral DAST versions 21.1 through 23.1 Description: The issue is related to an Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST, which could be exploited to gain elevated privileges. This...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open-source operating system from the US company Google. Google Android has an elevation of privilege vulnerability that can be exploited by attackers to remotely elevate privileges...

Google Android Buffer Overflow Vulnerability (CNVD-2022-47682)

Google Android is a Linux-based open source operating system from Google, Inc. A buffer overflow vulnerability exists in Google Android, which originates in GKIgetbuf in gkibuffer.cc. Due to a heap buffer overflow, an out-of-bounds write may exist, and an attacker could use this vulnerability to...

PT-2022-1708 · Microsoft · Dynamics Gp

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics GP affected versions not specified Description: The issue is related to insecure privilege management in Microsoft Dynamics GP, a software package for mid-size business accounting or enterprise resource planning. Exploitati...

Command injection

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration .cf files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same...

Microsoft Azure Active Directory Connect Remote Elevation of Privilege Vulnerability (CNVD-2019-14680)

Microsoft Azure Active Directory Connect ADC is a service from Microsoft that provides identity and access management in the cloud. A remote elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect. It allows an attacker to execute two PowerShell Cmdlets in the...

Microsoft Edge Remote Elevation of Privilege Vulnerability (CNVD-2020-61599)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A remote elevation of privilege vulnerability exists in Microsoft Edge. An attacker can exploit this vulnerability to gain elevated privileges...

Pivotal Spring Framework Remote Elevation of Privilege Vulnerability

Pivotal Spring Framework is the U.S. Pivotal Software, Inc. of a set of open source Java, Java EE application framework. A remote elevation of privilege vulnerability exists in Pivotal Spring Framework. An attacker can exploit to gain elevated privileges. A failed exploit attempt could result in ...

Microsoft SharePoint Remote Elevation of Privilege Vulnerability (CNVD-2018-07011)

Microsoft SharePoint Enterprise Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A...

Heap overflow

In libMtkOmxVdec.so there is a possible heap buffer overflow. This could lead to a remote elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android kernel...

Input validation

In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed. User interaction is needed for...

CVE-2017-13176

In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed. User interaction is needed for...

CVE-2017-13176

CVE-2017-13176 refers to a vulnerability in Android where the parseURL function of URLStreamHandler performs improper input validation of the host field. Exploitation could enable remote elevation of privilege with user interaction required, across Android versions 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, ...

Microsoft Windows Error Reporting Remote Elevation of Privilege Vulnerability

Microsoft Windows is the popular operating system. A security vulnerability in the Microsoft Windows Error Reporting WER implementation allows an attacker to exploit the vulnerability by submitting a special request that can elevate privileges...

Microsoft Azure Active Directory Connect Remote Elevation of Privilege Vulnerability

Microsoft Azure Active Directory Connect is a service from Microsoft that provides identity and access management in the cloud. A privilege-lifting vulnerability exists in Microsoft Azure Active Directory Connect versions prior to 1.1.553.0. An attacker could exploit the vulnerability to reset...