CVE-2026-0263

A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service DoS condition. Panorama, Cloud NGFW, and Prisma® Access...

CVE-2026-20446

In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09963054; Issue ID:...

CVE-2026-21424

Summary : CVE-2026-21424 affects Dell PowerScale OneFS; versions prior to 9.10.1.6 and 9.11.0.0–9.12.0.1 contain an execution with unnecessary privileges vulnerability. A highly privileged attacker with local access could achieve Elevation of Privileges . The CVSS 3.1 vector indicates local acces...

CVE-2026-0008

CVE-2026-0008 describes a local privilege escalation due to a confused deputy in multiple locations. Exploitation requires no user interaction and can lead to total privilege gain. Connected sources reference Android/Samsung updates; NCSC notes that Google fixed vulnerabilities in Android (14–16)...

CVE-2026-25933

Arduino App Lab is a cross-platform IDE for developing Arduino Apps. Prior to 0.4.0, a vulnerability was identified in the Terminal component of the arduino-app-lab application. The issue stems from insufficient sanitization and validation of input data received from connected hardware devices,...

EUVD-2026-5141

In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00464377; Issue ID: MSV-4905...

CVE-2023-45773

In multiple functions of btmblegap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40653

In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...

CVE-2023-40092

In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40654

In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...

CVE-2018-9399

In /proc/driver/wmtdbg driver, there are several possible out of bounds writes. These could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9468

In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9396

In rpcmsghandler and related handlers of drivers/misc/mediatek/eccci/portrpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9383

In asn1berdecoder of asn1decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9392

In getbinary of vendor/mediatek/proprietary/hardware/connectivity/gps/gpshal/src/datacoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

CVE-2021-0303

In dispatchGraphTerminationMessage of packages/services/Car/computepipe/runner/graph/StreamSetObserver.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

CVE-2021-0347

In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID:...

CVE-2021-0338

In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

CVE-2021-0682

In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-0893

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687474...