142 matches found
EUVD-2026-2520
A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1...
EUVD-2026-2618
EUVD-2026-2618...
EUVD-2026-2646
EUVD-2026-2646...
EUVD-2026-2122
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
EUVD-2026-2137
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...
EUVD-2026-2213
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix potential UAF in xeoaaddconfigioctl In xeoaaddconfigioctl, we accessed oaconfig-id after dropping metricslock. Since this lock protects the lifetime of oaconfig, an attacker could guess the id and call...
EUVD-2026-2214
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...
EUVD-2026-2249
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...
EUVD-2026-2301
In the Linux kernel, the following vulnerability has been resolved: ksmbd: skip lock-range check on equal size to avoid size==0 underflow When size equals the current isize including 0, the code used to call checklockrangefilp, isize, size - 1, WRITE, which computes size - 1 and can underflow for...
EUVD-2026-2342
Information disclosure in the Networking component. This vulnerability affects Firefox 147 and Firefox ESR 140.7...
EUVD-2026-2356
The Dreamer Blog WordPress theme through 1.2 is vulnerable to arbitrary installations due to a missing capability check...
EUVD-2026-1763
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed a user to leak certain information by referencing specially crafted images that bypass asset proxy protection...
EUVD-2026-1485
OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' endpoint, iterate through predictable values of 'chargeNumber', and download any uploaded files...
EUVD-2026-1455
A flaw was found in Ansible Automation Platform AAP. Read-only scoped OAuth2 API Tokens in AAP, are enforced at the Gateway level for Gateway-specific operations. However, this vulnerability allows read-only tokens to perform write operations on backend services e.g., Controller, Hub, EDA. If thi...
EUVD-2026-1234
Not used...
EUVD-2026-1259
EUVD-2026-1259...
EUVD-2026-1253
Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through 3.8.1.1...
EUVD-2026-1321
The EDD Download Info plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'edddownloadinfolink' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
EUVD-2026-1349
The ACF to REST API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.3.4. This is due to insufficient capability checks in the updateitempermissionscheck method, which only verifies that the current user has the editposts capability...
EUVD-2026-1301
A NULL Pointer Dereference vulnerability in TP-Link Archer BE400 V1802.11 modules allows an adjacent attacker to cause a denial-of-service DoS by triggering a device reboot. This issue affects Archer BE400: xi 1.1.0 Build 20250710 rel.14914...