34824 matches found
CVE-2026-48567
Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-48567 Azure HorizonDB Elevation of Privilege Vulnerability
...
CVE-2026-48567
CVE-2026-48567 : Azure HorizonDB suffers an authentication bypass by spoofing, enabling a network-based attacker with no privileges and no user interaction to achieve privilege escalation. CVSS v3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H with a base score of 10.0 (CRITICAL). Explo...
Azure HorizonDB Elevation of Privilege Vulnerability
Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network...
MediaTek Chipsets Security Vulnerabilities
MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...
CVE-2026-9795
A flaw was found in Keycloak's Fine-Grained Admin Permissions FGAPv2 feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security...
EUVD-2025-209951
A local user with low privileges may be able to influence the behavior of a privileged system service by manipulating configuration or application-related files located in user-writable areas of the filesystem. The affected service processes data from locations that are not sufficiently protected...
Budibase 安全漏洞
Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained security vulnerabilities. These vulnerabilities stemmed from the...
CVE-2026-23663
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...
Security information for Hitachi Disk Array Systems
Overview CVE-2026-23667 | Broadcast DVR Elevation of Privilege Vulnerability CVE-2026-23668 | Windows Graphics Component Elevation of Privilege Vulnerability CVE-2026-23669 | Windows Print Spooler Remote Code Execution Vulnerability CVE-2026-23671 | Windows Bluetooth RFCOM Protocol Driver Elevati...
Admidio 跨站请求伪造漏洞
Admidio is an open source member management system from the Admidio team. The system supports member lists, event management, guestbooks, photo albums, and downloads. A cross-site request forgery vulnerability exists in Admidio version 3.3.5, which stems from cross-site request forgery and could...
CVE-2026-42901
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-35430
Authorization bypass through user-controlled key in Azure Privileged Identity Management PIM allows an authorized attacker to elevate privileges over a network...
CVE-2026-23663
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-23663
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-42901 Microsoft Entra ID Elevation of Privilege Vulnerability
...
CVE-2026-42901 Microsoft Entra ID Elevation of Privilege Vulnerability
...
CVE-2026-42901
CVE-2026-42901 affects Microsoft Entra ID. AOrigin validation error allows an unauthenticated attacker to elevate privileges over a network. Metrics indicate a CRITICAL impact (CVSSv3.1: 10.0, AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) with network-based access, no user interaction, and a changed scope...
EUVD-2026-31522
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-33843 Microsoft Azure Active Directory B2C Elevation of Privilege Vulnerability
...