18 matches found
Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from...
CVE-2026-0788
ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability. This vulnerability allows remote attackers to execute web requests with a target user's privileges on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...
CVE-2026-0775
npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
(0Day) Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the discordrpc module...
Alibaba Cloud Workspace Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Alibaba Cloud Workspace Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
IBM ApplinX 跨站请求伪造漏洞
IBM ApplinX is an International Business Machines IBM company focused on converting green screen interfaces into modern web-based applications. IBM ApplinX suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to construct a malicious URI, bait a request, an...
IBM ApplinX 跨站请求伪造漏洞
IBM ApplinX is an International Business Machines IBM company focused on converting green screen interfaces into modern web-based applications. IBM ApplinX suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to construct a malicious URI, bait a request, an...
IBM BladeCenter Cross-Site Request Forgery Vulnerability (CNVD-2020-52190)
IBM Blade Center is an IBM server management program. IBM Blade Center suffers from a cross-site request forgery vulnerability that can be exploited by a remote attacker to construct a malicious URI, bait a request, and can be used to perform a malicious operation in the context of the target use...
D-Link DIR-100 Cross-Site Request Forgery Vulnerability
The D-Link DIR-100 is a compact broadband router with integrated firewall functionality. A cross-site request forgery vulnerability exists in D-Link DIR-100 version 1.01. It allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in th...
I-O DATA DEVICE ETX-R Cross-Site Request Forgery Vulnerability
The I-O DATA DEVICE ETX-R is a router product from I-O DATA DEVICE Japan. The I-O DATA DEVICE ETX-R suffers from a cross-site request forgery vulnerability that allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the context of...
Cisco Unified Intelligence Center Cross-Site Request Forgery Vulnerability (CNVD-2015-04963)
Cisco Unified Intelligence Center is a unified intelligence management center. A cross-site request forgery vulnerability exists in the Cisco Unified Intelligence Center WEB interface, which allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform...
Cisco TelePresence IP Gateway Device Cross-Site Request Forgery Vulnerability
The Cisco TelePresence IP Gateway is a telepresence IP gateway device. A cross-site request forgery vulnerability exists in the Cisco TelePresence IP Gateway appliance that allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the...
Wing FTP Server Cross-Site Request Forgery Vulnerability
Wing FTP Server is a professional cross-platform FTP server side with decent speed, reliability and a user-friendly configuration interface. A cross-site request forgery vulnerability exists in Wing FTP Server. It allows remote attackers to construct malicious URIs, trick users into parsing them,...
Adobe Flash Player Cross-Site Request Forgery Vulnerability
Adobe Flash Player is a Flash file handling program. Adobe Flash Player suffers from a cross-site request forgery vulnerability that allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the context of the target user, due to an...
XZERES 442SR OS Cross-Site Request Forgery Vulnerability (CNVD-2015-03663)
The XZERES 442SR OS is a 442SR model turbine generator. The XZERES 442SR OS suffers from a cross-site request forgery vulnerability that allows a remote attacker to construct a malicious URI, trick a user into resolving it, and can perform malicious actions in the context of the target user...
WSO2 Identity Server /carbon/user/add-finish.jsp User Cross-Site Request Forgery Vulnerability
WSO2 Identity Server is an open source identity services , support for Information Cards, OpenID and XACML. WSO2 Identity Server /carbon/user/add-finish.jsp has a cross-site request forgery vulnerability that allows remote attackers to construct malicious URIs, entice users to parse them, and...
Cisco Unified Customer Voice Portal Cross-Site Request Forgery Vulnerability
Cisco Unified Customer Voice Portal CVP provides voice and video self-service. A cross-site request forgery vulnerability exists in Cisco Unified Customer Voice Portal, where the program fails to properly validate user input, allowing a remote attacker to construct a malicious URI, trick the user...
Wing FTP Server Admin /admin_loglist.html Cross-Site Request Forgery Vulnerability
WingFTPServer is a professional cross-platform FTP server , it has good speed , reliability and a friendly configuration interface . A cross-site request forgery vulnerability exists in WingFTPServer Admin /adminloglist.html, which allows remote attackers to construct malicious URIs, trick users...