15 matches found
EUVD-2026-30949
API endpoints in LalanaChami Pharmacy Management System commit 5c3d028 lack authentication middleware. Unauthenticated remote attackers can exploit this to dump all user records including bcrypt password hashes via /api/user/getUserData, modify drug inventory, and access private medical...
CVE-2026-25704 Incomplete privilege drop for com.system76.CosmicGreeter.GetUserData
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use TOCTOU Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before...
CVE-2026-0113
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-10837
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-10839
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0113
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0113
CVE-2026-0113 describes an out-of-bounds write in ns_GetUserData within ns_SmscbUtilities.c that could enable remote escalation of privilege without user interaction. Affected references across multiple feeds corroborate the same flaw and classify it as a high-severity issue with a common-criteri...
CVE-2026-0113
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0113
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0111
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0111
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0111
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PUB-A-441209133
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-46001
Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isomread.c:2807:51 function in gfisomgetuserdata...
PT-2023-6964 · Unknown +2 · Gpac Mp4Box +2
Name of the Vulnerable Software and Affected Versions: gpac MP4Box version 2.3-DEV-rev573-g201320819-master Description: The issue is caused by a buffer overflow in the gf isom get user data function, which can be exploited by a local attacker to cause a denial of service. This buffer overflow...