27 matches found
CVE-2026-11494 TOTOLINK AC1200 T8 vsftpd vsftpd.conf least privilege violation
A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly...
TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...
CVE-2026-45208
Technical details (affected product versions, root cause, exploit paths, and mitigations) are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2026-0924
CVE-2026-0924 affects BuhoCleaner 1.15.2. The Red Hat/NVD notes describe an insecure XPC service that allows local, unprivileged users to escalate privileges to root via insecure functions. The provided documents identify the affected component as the BuhoCleaner XPC service and indicate local pr...
PT-2025-43539
Name of the Vulnerable Software and Affected Versions NVIDIA Project G-Assist affected versions not specified Description NVIDIA Project G-Assist contains a flaw that could allow an attacker to escalate permissions. Exploitation of this issue may result in code execution, privilege escalation, da...
EUVD-2020-18358
Malware in sbrugna...
EUVD-2020-4896
Malware in sbrugna...
EUVD-2018-15819
Malware in sbrugna...
EUVD-2022-34821
Malicious code in bioql PyPI...
EUVD-2022-3946
Malicious code in bioql PyPI...
EUVD-2022-40319
Malicious code in bioql PyPI...
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability
Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild. Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in...
Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-43093 - A privilege escalation flaw in...
CVE-2024-6871
G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the targ...
MediaTek 芯片安全漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. The MediaTek chips are affected by a security vulnerability that stems from a lack of privilege checking, which can be exploited by an attacker to cause a local privilege escalation. The following products and versio...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which originates in onEntryUpdated in OngoingCallController.kt, and due to intent redirection, can initiate non- exported activity, an attacker can use...
The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to gain increased privileges.
The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to increase their privileges...
PT-2020-6995
Name of the Vulnerable Software and Affected Versions EVGA Precision X1 versions through 1.0.6 winring0 project winring0 version 1.2.0 Description The WinRing0.sys and WinRing0x64.sys drivers versions 1.2.0 in EVGA Precision X1 through 1.0.6 contain a flaw that allows local users, including those...
CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...
Important: Red Hat Security Advisory: Red Hat CloudForms security, bug fix, and enhancement update
An update is now available for CloudForms Management Engine 5.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...