969 matches found
Exploit for Incorrect Authorization in Suse Pam-Config
CVE-2025-6018 + CVE-2025-6019 Exploit Linux Local Privilege...
SUSE CVE-2026-24740
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle's agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out-of-scope containers for example, env=prod on the same agen...
Exploit for Argument Injection in Gnu Inetutils
CVE-2026-24061 Scanner – GNU inetutils telnetd Auth Bypass...
CVE-2025-69604
An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls...
CVE-2025-15545
CVE-2025-15545 affects TP-Link Archer RE605X (RE605X v3.x) where the backup restore function does not validate unexpected/unrecognized tags in the backup file. A crafted backup can cause an injected tag to be interpreted by a shell, enabling arbitrary command execution with root privileges, compr...
CVE-2026-24740
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...
CVE-2026-24740
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...
CVE-2026-24740
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...
EUVD-2026-4741
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...
CVE-2026-24740
CVE-2026-24740 summary (Dozzle) : Dozzle’s agent-backed shell endpoints permit a user restricted by a per-user label filter (for example, label=env=dev) to obtain an interactive root shell in containers outside the user’s label scope (for example, env=prod) on the same agent host. The root cause ...
CVE-2026-24740 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...
CVE-2026-24740 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...
CVE-2025-59104 Unlocked Bootloader in dormakaba access manager
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
CVE-2025-59104
The CVE-2025-59104 issue affects a dormakaba access manager where an attacker with physical access can solder to the debug footprint or connect a 6-Pin tag‑connect cable to access the bootloader. The vulnerable vector allows changing the kernel command line and ultimately obtaining a root shell. ...
CVE-2025-59104
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
Dormakaba Access Manager security vulnerabilities
Dormakaba Access Manager is a smart hardware controller developed by the American company Dormakaba. There is a security vulnerability in Dormakaba Access Manager, which stems from the ability to modify the bootloader’s command line interface physically. This vulnerability could potentially lead ...
PT-2026-4754
With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...
About Authentication Bypass – GNU Inetutils (CVE-2026-24061) vulnerability
About Authentication Bypass - GNU Inetutils CVE-2026-24061 vulnerability. GNU Inetutils is a collection of common network programs, including, among other things, a Telnet server telnetd. A vulnerability in GNU Inetutils telnetd allows a remote attacker to obtain a root shell on the host without...
GNU InetUtils Telnetd Remote Authentication Bypass Vulnerability
GNU InetUtils telnetd is a telnet service daemon in the GNU InetUtils suite that listens on TCP port 23 and provides clients with plaintext terminal access based on the Telnet protocol. A remote authentication bypass vulnerability exists in GNU InetUtils Telnetd, which can be exploited to bypass...
Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl_Firmware
Hikvision CVE-2021-36260 RCE Vulnerability Vulnerability D...