86 matches found
CVE-2026-20427
In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537...
CVE-2026-20442
CVE-2026-20442 affects MediaTek chipsets and is caused by a use-after-free in the display path, leading to a possible local crash and denial of service when the attacker already has System privileges. Exploitation does not require user interaction and is local (attack vector: local). The conditio...
CVE-2026-25491 Craft has a Stored XSS in Entry Types Name
Craft is a platform for creating digital experiences. From 5.0.0-RC1 to 5.8.21, Craft has a stored XSS via Entry Type names. The name is not sanitized when displayed in the Entry Types list. This vulnerability is fixed in 5.8.22...
MiracleLinux 7 : openssh-7.4p1-23.0.3.0.3.el7.AXS7 (AXSA:2025-10789:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10789:04 advisory. CVE-2018-20685: fix a vulnerability scp client where a malicious server could bypass intended access restrictions and modify target directory...
CVE-2025-20781
The CVE-2025-20781 issue affects MediaTek chipsets’ display component, caused by a memory corruption due to use-after-free. This leads to local escalation of privilege if an attacker already has System privileges; exploitation does not require user interaction. A patch is listed as ALPS10182914 (...
PT-2026-1374
Name of the Vulnerable Software and Affected Versions versions prior to ALPS10182882 Description A memory corruption issue exists in display due to uninitialized data. Successful exploitation could allow a malicious actor with System privileges to escalate their privileges locally. User interacti...
PT-2026-1370
Name of the Vulnerable Software and Affected Versions versions prior to ALPS10184061 Description A memory corruption issue exists in display due to a use after free condition. Successful exploitation of this issue could allow a malicious actor with System privileges to gain local escalation of...
The vulnerability of the Downloads Panel component of the Mozilla Firefox browser and the Thunderbird email client allows attackers to perform spear-phishing attacks.
The vulnerability of the Downloads Panel component in the Mozilla Firefox browser and the Thunderbird email client is related to deficiencies in the authentication process, resulting from incorrect display of the domain name in the address bar. Exploiting this vulnerability allows a malicious act...
CVE-2025-20777
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752...
CVE-2025-20777
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752...
CVE-2025-20766
Summary: CVE-2025-20766 refers to a memory corruption issue caused by improper input validation in MediaTek chipsets. The vulnerability could enable local escalation of privilege to SYSTEM without user interaction, as indicated by a high-severity CVSS v3.1 base score (7.8) with LOCAL attack vecto...
CVE-2025-55127
Affected software: Revive Adserver. Vulnerability: Improper neutralization/validation of whitespace in usernames, allowing leading or trailing spaces. The UI does not visually distinguish such usernames from legitimate ones, per the HackerOne report and related sources. Root cause (as stated): Us...
EUVD-2012-2801
Malware in sbrugna...
EUVD-2021-11278
Malware in sbrugna...
EUVD-2019-3804
Malware in sbrugna...
EUVD-2017-16800
Malware in sbrugna...
EUVD-2016-6081
Malware in sbrugna...
EUVD-2023-37082
Malicious code in bioql PyPI...
EUVD-2022-35692
Malicious code in bioql PyPI...
EUVD-2022-35691
Malicious code in bioql PyPI...