152 matches found
CVE-2026-50679
Heap-based buffer overflow in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...
CVE-2026-50373
Improper access control in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...
PT-2026-58499
Name of the Vulnerable Software and Affected Versions Microsoft Windows Search Component affected versions not specified Description A heap-based buffer overflow in the Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. This issue enables a low-privile...
CVE-2026-10721
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the database. Thanks XananasX7 f...
CVE-2026-10721
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the database. Thanks XananasX7...
EUVD-2026-35994
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the database. Thanks XananasX7...
CVE-2026-10721 Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the in Permission, Cache, and Search components
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the database. Thanks XananasX7...
CVE-2026-10721
Concrete CMS
CVE-2026-10721 Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the in Permission, Cache, and Search components
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the database. Thanks XananasX7...
PT-2026-48390
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the database. Thanks XananasX7...
EUVD-2026-34056
A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component startsearch. Performing a manipulation of the argument SearchResult results in inefficient regular expression complexity. It is...
CVE-2026-8011
An insufficient policy enforcement flaw was found in the Search component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496626029...
CVE-2026-27909
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...
EUVD-2026-22447
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...
CVE-2026-27909
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...
Windows Search Service Elevation of Privilege Vulnerability
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...
Microsoft Windows 资源管理错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows Search Component has a resource management vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected...
PT-2026-32771
CVE-2026-27909 Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. https://t.co/EEmqZf1GgX...
CVE-2026-3791
A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to be carried out...
PT-2026-6954
Name of the Vulnerable Software and Affected Versions BurtTheCoder mcp-maigret versions through 1.0.12 Description A flaw exists in the component search username within the file src/index.ts. Manipulating the Username argument can result in command injection, potentially allowing for remote...