24 matches found
CVE-2026-35607
CVE-2026-35607 affects File Browser. Before version 2.63.1, a fix that prevented execution rights from being inherited by self-registered users was not applied to the proxy authentication path, causing auto-created proxy-auth users on first successful login to inherit Execute permissions and Comm...
File Browser Security Vulnerability
File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser prior to 2.63.1 contained security vulnerabilities. These vulnerabilities stemmed from...
EUVD-2022-25493
Malicious code in bioql PyPI...
EUVD-2022-41657
Malicious code in bioql PyPI...
EUVD-2022-41654
Malicious code in bioql PyPI...
CVE-2022-28877
This vulnerability allows a local user to delete arbitrary files on the system and bypass security protection, which can be abused for local privilege escalation on affected F-Secure & WithSecure Windows endpoint products. An attacker must have code execution rights on the victim machine prior to...
CVE-2025-4971
Broadcom Automic Automation Agent Unix versions 24.3.0 HF4 and 21.0.13 HF1 allow low privileged users who have execution rights on the agent executable to escalate their privileges...
CVE-2025-4971 Broadcom Automic Automation Agent Unix privilege escalation
Broadcom Automic Automation Agent Unix versions 24.3.0 HF4 and 21.0.13 HF1 allow low privileged users who have execution rights on the agent executable to escalate their privileges...
CVE-2023-7047
Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL dat...
CVE-2023-4373
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature...
Design/Logic Flaw
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature...
CVE-2023-4373
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature...
PT-2023-28950 · Devolutions · Devolutions Remote Desktop Manager
Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2023.2.19 and earlier Description: Inadequate validation of permissions when employing remote tools and macros within the software permits a user to initiate a connection without proper execution...
CVE-2023-20717
In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645185; Issue ID: ALPS07645185...
PT-2023-8608 · Xwiki · Xwiki
Name of the Vulnerable Software and Affected Versions: XWiki versions 4.2-milestone-1 through 14.10 Description: The issue concerns the "restricted" mode of the HTML cleaner in XWiki, which allowed the injection of arbitrary HTML code and thus cross-site scripting via invalid HTML comments. This...
CVE-2023-1900
A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap and lead to a denial-of-service situation. Issue was fixed with Endpointprotection.exe version 1.0.2303.633...
PT-2023-17326 · Avira · Avira Endpoint Security
Name of the Vulnerable Software and Affected Versions: Avira Endpointprotection.exe versions prior to 1.0.2303.633 Description: A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap...
PUB-A-184847809
In xt_compat_target_from_user of x_tables.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
Google Android System Elevation of Privilege Vulnerability (CNVD-2021-52329)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance (OHA for short). An elevation of privilege vulnerability exists in the System component of Google Android version 11, which can be exploited by an attacker to cause a local elevatio...
Google Android System elevation of privilege vulnerability (CNVD-2021-52344)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance (OHA for short). An elevation of privilege vulnerability exists in the System component of Google Android versions 8.1, 9, and 10, which can be exploited by an attacker to cause a...