14 matches found
CVE-2026-43535
OpenClaw before 2026.4.14 contains an authorization context reuse vulnerability in collect-mode queue batches that allows messages from different senders to inherit the final sender's authorization context. Attackers can exploit this by sending multiple queued messages to drain batches using a mo...
CVE-2021-22425
A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges...
Portábilis i-Educar 安全漏洞
Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. Portábilis i-Educar has a security vulnerability that stems from the ability to change its user type to administrator...
Cybersecurity Awareness Month 2023: Elevating Security Together
As the 20th anniversary of Cybersecurity Awareness Month begins, I find myself reflecting on the strides made since its inception. The journey to enhance and improve cybersecurity is ongoing and extends beyond October. It’s not merely a technological challenge; it is fundamentally about people...
Kaspersky Password Manager 安全漏洞
Kaspersky Password Manager is an application from the Russian company Kaspersky. It provides a function to manage passwords. A security vulnerability exists in Kaspersky Password Manager that allows an attacker to increase the process integrity level from medium to high...
CVE-2021-22425
A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges...
PowerShell-Suite
This repository is an offensive tool for Windows UAC User Account Control bypass. It provides a framework to perform UAC bypasses based on auto-elevating IFileOperation COM object method calls. The tool is written in C and uses the .NET framework. The tool supports several methods for UAC bypass,...
SUSE: Security Advisory (SUSE-SU-2016:3217-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross site scripting
Tufin SecureTrack R20-2 GA contains reflected + stored XSS as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users. Both stored, and reflected payloads are triggerable by admin, so...
The vulnerability of the Intel High Definition Audio technology lies in privilege management errors, which allow attackers to elevate their privileges.
The vulnerability of the Intel High Definition Audio technology is related to privilege management errors. Exploiting this vulnerability can allow an attacker to enhance their privileges...
CVE-2020-25859
The QCMAPCLI utility in the Qualcomm QCMAP software suite prior to versions released in October 2020 uses a system call without validating the input, while handling a SetGatewayUrl request. A local attacker with shell access can pass shell metacharacters and run arbitrary commands. If QCMAPCLI ca...
About the security content of iOS 12.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
PowerShell-Suite
This is a PowerShell script called Bypass-UAC, which is designed to bypass User Account Control UAC on Windows systems. The script uses a technique called "auto-elevating IFileOperation COM object method calls" to achieve this. The script supports several methods for bypassing UAC, including:...
Solaris 8 libsldap Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a...