13094 matches found
CVE-2026-22069
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...
CVE-2026-22069
CVE-2026-22069 affects O+ Connect and describes a local privilege-escalation vulnerability where the pipe interface fails to validate the caller’s identity. The CVSS 3.1 score is 7.3 (HIGH) with LOCAL attack vector, LOW privileges required, USER interaction required, scope changed, and impact on ...
EUVD-2026-30825
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...
CVE-2026-22069
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...
CVE-2026-22069 O+ Connect Local Privilege Escalation Vulnerability
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...
CVE-2026-22069 O+ Connect Local Privilege Escalation Vulnerability
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...
PT-2026-41881
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A security control intended to disable the implicit flow in OpenID Connect OIDC clients can be bypassed. A low-privilege user with knowledge of user credentials and client ID can manipulate...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a security vulnerability, which stems from the improper application of the OIDC bypass feature in the domain-level notBefore policy. This vulnerability may cause revoked tokens to remain...
OPPO O+ Connect 安全漏洞
OPPO O+ Connect is a multi-device connectivity and data collaboration platform developed by OPPO Corporation in China. There is a security vulnerability in OPPO O+ Connect, which stems from the failure to verify the identity of the caller on the pipeline interface, potentially leading to an...
PT-2026-41870
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description An access control flaw exists in the OpenID Connect OIDC token introspection endpoint. This issue allows a confidential client with valid credentials to bypass audience restrictions and...
PT-2026-41813
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...
Keycloak 访问控制错误漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability related to access control. This vulnerability stems from an access control flaw within the OpenID Connect token, allowing confidential clients to bypass audience...
CVE-2025-56352
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...
CLSA-2026-1779098432 Fix CVE(s): CVE-2026-5773
SECURITY UPDATE: wrong SMB connection reused due to missing share comparison - debian/patches/CVE-2026-5773.patch: disable connection reuse for SMBS by replacing connkeep with connclose in smbconnect lib/smb.c - CVE-2026-5773...
CVE-2025-56352
CVE-2025-56352 affects the tinyMQTT broker. When processing a CONNECT packet with a zero-length Client ID and CleanSession=0, the broker returns CONNACK 0x02 (Identifier Rejected) but fails to explicitly close the TCP connection, leaving the socket open. Repeated invalid CONNECT attempts can exha...
CVE-2025-56352
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...
CVE-2025-56352
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...
tinyMQTT 资源管理错误漏洞
tinyMQTT is a pre-sorted tree traversal algorithm library developed by 0x7C9A. There is a resource management vulnerability in tinyMQTT; this vulnerability stems from improper protocol handling during the parsing of CONNECT packets, which may lead to exhaustion of server resources. The following...
PT-2026-41677
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...
CVE-2025-56352
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, the broker mishandles protocol violations during CONNECT packet parsing. When receiving a CONNECT packet with a zero-length Client ID while CleanSession is set to 0, the broker correctly replies with a CONNACK return code 0x0...