CVE-2026-0019

In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0019

CVE-2026-0019 affects SettingsLib and enables a logic-error path that could disable system components, enabling local privilege escalation without extra privileges or user interaction. The issue is classified as Elevation of Privilege (High) in Android 17 release notes; patches are included in An...

CVE-2026-0019

In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2024-20076 · Quest · Kace Agent

Name of the Vulnerable Software and Affected Versions: Quest KACE Agent for Windows versions 12.0.38 through 13.1.23.0 Description: An issue exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components, allowing local attackers to create any file of their choice with NT...

PT-2024-20078 · Quest · Quest Kace Agent For Windows

Name of the Vulnerable Software and Affected Versions: Quest KACE Agent for Windows versions 12.0.38 through 13.1.23.0 Description: An unquoted Windows search path issue exists in the KSchedulerSvc.exe and AMPTools.exe components, allowing local attackers to execute code of their choice with NT...

PT-2023-25521 · Adiscon · Loganalyzer

Name of the Vulnerable Software and Affected Versions: Adiscon LogAnalyzer versions through 4.1.13 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via the "asktheoracle.php", "details.php", "index.php", "search.php", "export.php", "reports.php", an...

PT-2021-6722 · Cacti · Cacti

Name of the Vulnerable Software and Affected Versions: Cacti version 1.2.12 Description: The issue is related to multiple Cross Site Scripting XSS vulnerabilities in several components of the Cacti network monitoring tool, including reports admin.php, data queries.php, data input.php, graph...

PT-2020-5503 · Mpxj · Mpxj

Name of the Vulnerable Software and Affected Versions: MPXJ versions 8.1.3 and earlier Description: The issue is related to the incorrect restriction of XML external entity references in the GanttProjectReader and PhoenixReader components of the MPXJ library. This can allow a remote attacker to...

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Overview Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. Description The HTTP Security Servers component of Check Point Firewall-1 contains an HTTP parsing vulnerability that is triggered by...