8672 matches found
MAL-2026-3656 Malicious code in buffer-export (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44f072eff9ef90a204331ae1a03c5c4296929dbf88a05fff1a529e397548421a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-21020
Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21020
Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21020
Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...
SUSE CVE-2025-71296
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around purge Acquire and release the GEM object's reservation lock around calls to the object's purge operation. The tests use drmgemshmempurgelocked, which led to errors such as show below...
SUSE CVE-2026-7816
OS command injection CWE-78 vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve...
EUVD-2026-29828
PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only...
ANTI-FLUFF
PENTESTINGMETHS Main view example: Web Application As...
SQLBot 安全漏洞
SQLBot is an intelligent data querying system developed by DataEase, based on large models and RAG techniques. Versions of SQLBot prior to 1.8.0 contained security vulnerabilities. These vulnerabilities stemmed from cross-workpace IDOR and authorization bypasses in the...
PT-2026-40817
Name of the Vulnerable Software and Affected Versions SQLBot versions prior to 1.8.0 Description An Insecure Direct Object Reference IDOR and authorization bypass issue exists in the '/api/v1/datasource/exportDsSchema' and '/api/v1/datasource/uploadDsSchema' endpoints. This allows an attacker to...
SAMSUNG SMR 安全漏洞
SAMSUNG SMR is a system patch package developed by Samsung Electronics of South Korea. It provides patches for Samsung mobile applications. Versions prior to SAMSUNG SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of Android applicatio...
PT-2026-40572
Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-26289
PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only...
CVE-2026-26289
PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only...
CVE-2026-26289 Subnet Solutions PowerSYSTEM Center Incorrect Authorization
PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only...
CVE-2026-26289 Subnet Solutions PowerSYSTEM Center Incorrect Authorization
PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to administrative permissions only...
CVE-2026-26289
CVE-2026-26289 affects PowerSYSTEM Center: the REST API endpoint used for device account export has incorrect authorization, permitting an authenticated user with limited permissions to access data normally restricted to administrators. The issue exposes sensitive information and is backed by hig...
EUVD-2026-29731
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...
CVE-2026-44279
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...
CVE-2026-44279
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...