8 matches found
PT-2026-41760
Name of the Vulnerable Software and Affected Versions Mullvad VPN versions prior to 2026.2-beta1 Description Mullvad VPN on macOS may allow local privilege escalation during installation or upgrade. The installer package executes binaries from '/Applications/Mullvad VPN.app' without verifying if...
ALPINE-CVE-2026-34980
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentication. The server...
OpenPrinting CUPS 输入验证错误漏洞
OpenPrinting CUPS is an open-source printing system developed by OpenPrinting Corporation, suitable for Linux® and other Unix®-based operating systems. Versions of OpenPrinting CUPS prior to 2.4.16 contained a vulnerability related to input validation. This vulnerability occurred in network-expos...
OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL
Summary shell-env fallback trusted prefix-based executable paths for $SHELL, allowing execution of attacker-controlled binaries in local/runtime-env influence scenarios. Details In affected versions, shell selection accepted either: 1. a shell listed in /etc/shells, or 2. any executable under...
open-vm-tools: Local privilege escalation in open-vm-tools
A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...
open-vm-tools: Local privilege escalation in open-vm-tools
A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...
open-vm-tools: Local privilege escalation in open-vm-tools
A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...
open-vm-tools: Local privilege escalation in open-vm-tools
A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...