3754 matches found
Forcepoint VPN Client 安全漏洞
Forcepoint VPN Client is an enterprise-level VPN client software developed by the American company Forcepoint. Versions of Forcepoint VPN Client 6.11.3 and earlier contained a security vulnerability. This vulnerability stemmed from an increase in local privileges, which could allow non-managed...
PT-2026-45924
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A remote attacker with user privileges can exploit a stack buffer overflow in the bac-deviceobject method to gain full system access as root. A stack buffer...
xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...
CVE-2019-25718
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...
CVE-2019-25718
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...
CVE-2019-25718 Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...
CVE-2019-25718 Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...
Legacy-TJNULL-OSCP-
HackTheBox: Legacy Writeup An elegant, professional walkthroug...
Dräger Infinity Explorer C700 安全漏洞
The Dräger Infinity Explorer C700 is an integrated medical-grade monitoring workstation component developed by the German company Dräger. The Dräger Infinity Explorer C700 has a security vulnerability that stems from privilege escalation. This vulnerability could allow attackers to break through...
RLSA-2026:21745 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...
xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...
EUVD-2026-32278
In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain full access to the service protocol and configuration panel...
CVE-2024-56462 IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system...
PT-2026-43685
Name of the Vulnerable Software and Affected Versions IBM QRadar versions 7.5.0 through 7.5.0 UP15 Interim Fix 002 Description A privileged user can upload a malicious backup archive. When this archive is restored, it can be used to gain unauthorized access to the underlying operating system...
Netis AC1200 安全漏洞
The Netis AC1200 is a series of dual-band wireless broadband routers produced by the Chinese company Netis. The Netis AC1200 Router NC21 V4.0.1.4296 version contains a security vulnerability. This vulnerability stems from the hardcoded root credentials stored in the /etc/shadow.sample file. The...
HP LaserJet Printers Path Traversal (CVE-2010-4107)
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers...
Malicious code in credential-verification-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebec51669e1875ebdcbe28040480db123cd5b42e4dbd4229b534a6e07e41b593 [email protected] is a thin wrapper whose only behavior is to download and execute whatever code is currently published at the latest...
Dell SmartFabric Storage Software 命令注入漏洞
Dell SmartFabric Storage Software is an independent storage software solution provided by the American company Dell. Versions of Dell SmartFabric Storage Software prior to 1.4.5 contained a command injection vulnerability. This vulnerability stemmed from improper handling of special elements with...
MAL-2026-3829 Malicious code in pyenvprep (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 963727b60e7fa8536050eb0f4691dc8bec6089567630063305d05ddceb4834cd Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...
CVE-2026-7373
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control of a Windows host. When started the metasploitPostgreSQL service would start the postgres.exe child process which would in turn load an OpenSSL configuration file from a stat...