3397 matches found
PT-2026-48729
CodexBar before 0.33.0 contains a credential forwarding vulnerability that allows network-adjacent attackers to intercept sensitive credentials by issuing cross-origin or HTTP-downgrade redirects to the shared ProviderHTTPClient transport. Attackers can redirect credentialed provider requests...
CVE-2026-0270
A path traversal vulnerability in Palo Alto Networks Cortex XSOAR engine software running on Linux allows an unauthenticated attacker on an adjacent network, with the ability to intercept and manipulate network response traffic via a man-in-the-middle MITM attack, to write arbitrary files to the...
CVE-2026-42915
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network...
CVE-2026-47288
Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network...
CVE-2026-42904
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network...
CVE-2026-0270
Palo Alto Networks Cortex XSOAR engine running on Linux is vulnerable to a path traversal issue that could allow an unauthenticated attacker in an adjacent network, via MITM-enabled interception of network responses, to write arbitrary files to the host. The vulnerability affects the Cortex XSOAR...
CVE-2026-6893
CVE-2026-6893 affects the dracut project, specifically the legacy DHCP path. A remote attacker on an adjacent network can trigger root code execution in the initramfs by sending specially crafted DHCP options (for example, a malicious hostname). The options are improperly handled and written into...
PT-2026-48516
An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to execute arbitrary commands on the device by importing a specially crafted VPN client configuration...
EUVD-2026-35699
Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network...
CVE-2026-47288
Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network...
CVE-2026-42915
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network...
CVE-2026-42904
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network...
EUVD-2026-35727
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network...
EUVD-2026-35593
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network...
CVE-2026-47288
CVE-2026-47288 affects Windows Kerberos Key Distribution Center (KDC). The vulnerability is an integer overflow/wraparound in the Kerberos code, enabling an authorized attacker on an adjacent network to execute code. The CVE has a CVSSv3.1 score of 7.1 ( HIGH ) with attack vector Adjacent, high i...
Windows TCP/IP Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network...
PT-2026-47883
Name of the Vulnerable Software and Affected Versions Windows TCP/IP affected versions not specified Description A heap-based buffer overflow in the Windows TCP/IP stack allows an unauthorized attacker located on an adjacent network to elevate privileges to SYSTEM level. A heap-based buffer...
PT-2026-48023
Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network...
Exploit for Heap-based Buffer Overflow in Mediatek Mt6890_Firmware
CVE-2026-20452 — MediaTek WLAN AP Heap Overflow PoC Proof of...
CVE-2026-49318
Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...