13 matches found
CVE-2026-48165
Disclaimer: This data contains information about vulnerable...
CVE-2026-45393 Local privilege escalation to SYSTEM in Cribl Edge for Windows
A vulnerability chain in Cribl Edge for Windows before 4.17.1 allows a local authenticated user to escalate privileges to NT AUTHORITY\SYSTEM. Incorrect default permissions on the Windows installer's authentication directory CWE-276 expose a cryptographic secret used for JWT signing and...
CVE-2026-45391 Local privilege escalation in Cribl Edge for Linux
A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account...
traefik -- Multiple vulnerabilities
The traefik project releases a new version addressing multiple CVEs: CVE-2026-32595 BasicAuth Middleware Timing Attack CVE-2026-32305 Potential mTLS Bypass via Fragmented TLS ClientHello CVE-2026-32695 Details not yet available...
PT-2026-5899
Name of the Vulnerable Software and Affected Versions Apple Vision Pro affected versions not specified Description The issue appears to be a security flaw in vision-related technology, potentially affecting Apple Vision Pro. While no public jailbreak currently exists for iOS 26.0 as of February...
CVE-2025-21920
In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...
CVE-2024-35686
The CVE-2024-35686 entry concerns a Missing Authorization vulnerability in Automattic Sensei LMS and Sensei Pro (WC Paid Courses). Connected documents provide concrete details: affected versions include Sensei LMS up to 4.23.1 and Sensei Pro (WC Paid Courses) up to 4.23.1.1.23.1. The issue is cat...
CVE-2024-36041
KSmserver in KDE Plasma Workspace aka plasma-workspace before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the...
knsolutionedu.com Cross Site Scripting vulnerability OBB-3925913
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CAN-2004-0458
CVE-2004-0458 affects mah-jong (server component) prior to version 1.6.2. A missing argument can trigger a NULL pointer dereference, allowing remote attackers to cause a denial of service (server crash). Public advisories reference Debian (DSA-503), Ubuntu, and CVE records; the mitigation is to u...
allaboutaccent.com Improper Access Control vulnerability OBB-3792819
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Plugin Custom Header Images Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
SAP ERP 安全漏洞
SAP ERP is a series of software for ERP management from SAP, a German company. There is a security vulnerability in SAP ERP, there is no information about the vulnerability at this time, please stay tuned to CNNVD or the vendor's announcement...