4 matches found
CVE-2026-11447 GL.iNet GL-MT3000 MTK Backend iwinfo.so iwinfo_backend command injection
A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfobackend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...
CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions
Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...
PT-2022-6351 · Dell · Alienware Update +2
Name of the Vulnerable Software and Affected Versions: Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 Description: The issue is related to the exposure of sensitive system information to an unauthorized control sphere. A local malicious user could potentially explo...
PT-2022-24546 · Netapp · Snapcenter
Name of the Vulnerable Software and Affected Versions: SnapCenter versions prior to 4.7 Description: The issue is related to the absence of Content Security Policy CSP in SnapCenter, which could allow certain types of attacks that would otherwise be prevented. Recommendations: For SnapCenter...