Lucene search
+L

63440 matches found

Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-9492 GIGABYTE|Gigabyte Control Center - Improper Access Control

The MBStorage DRAM lighting control module within Gigabyte Control Center GCC developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIOx64.sys bundled with the module, thereby arbitrari...

8.5CVSS0.00109EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 5 days ago13 views

PT-2026-57623

Name of the Vulnerable Software and Affected Versions Gigabyte Control Center affected versions not specified Description The MBStorage DRAM lighting control module within Gigabyte Control Center GCC contains an improper access control issue. Authenticated local attackers can send specific IOCTL...

8.5CVSS6.1AI score0.00109EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago11 views

EUVD-2026-43198

A security vulnerability has been detected in QILING Disk Master 6.0.0.0. The impacted element is an unknown function in the library diskbckp.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack can only be performed from a local environment. The...

5.3CVSS5.7AI score0.00103EPSS
Exploits0References6
Cvelist
Cvelist
added 6 days ago39 views

CVE-2026-15476 QILING Disk Master Kernel Driver diskbckp.sys access control

A security vulnerability has been detected in QILING Disk Master 6.0.0.0. The impacted element is an unknown function in the library diskbckp.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack can only be performed from a local environment. The...

5.3CVSS0.00103EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-43197

A weakness has been identified in MiniTool Partition Wizard up to 13.6. The affected element is an unknown function in the library pwdrvio.sys of the component Signed Kernel Driver. This manipulation causes improper access controls. The attack can only be executed locally. The exploit has been ma...

5.3CVSS5.7AI score0.00105EPSS
Exploits0References6
NVD
NVD
added 2026/07/10 8:16 a.m.4 views

CVE-2026-40452

Incorrect Authorization, Improper Access Control vulnerability in Apache IoTDB. Authorization bypass in /rest/v2/fastLastQuery exposes last-value data to unauthorized authenticated users. This issue affects Apache IoTDB: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users are recommended to...

7.5CVSS0.00256EPSS
Exploits0References2
Veracode
Veracode
added 2026/07/10 8:13 a.m.8 views

Improper Access Control

Coder is vulnerable to Improper Access Control. The vulnerability is due to the tailnet coordinator validating an agent's Addresses but not its AllowedIPs, which allows an authenticated attacker to advertise unauthorized IP prefixes that are propagated to WireGuard peers, potentially enabling...

8.2CVSS6.1AI score0.00405EPSS
Exploits0References9Affected Software2
EUVD
EUVD
added 2026/07/10 7:15 a.m.7 views

EUVD-2026-42837

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/10 7:15 a.m.9 views

CVE-2026-40009

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/07/10 5:16 a.m.8 views

CVE-2026-21040

Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...

6.9CVSS0.00099EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 5:16 a.m.10 views

CVE-2026-21039

Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings...

6.9CVSS0.00105EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 5:16 a.m.9 views

CVE-2026-21041

Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS0.00105EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/10 4:58 a.m.6 views

EUVD-2026-42820

Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

5.1CVSS5.9AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 4:58 a.m.32 views

CVE-2026-21050

Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

5.1CVSS0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:58 a.m.6 views

CVE-2026-21050

Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

5.1CVSS5.9AI score0.00105EPSS
Exploits0References2
CVE
CVE
added 2026/07/10 4:58 a.m.12 views

CVE-2026-21050

CVE-2026-21050 describes an improper access control vulnerability in SmartThingsKit prior to the SMR Jul-2026 Release 1. The issue allows local attackers to access sensitive information due to insufficient access restrictions in the affected component. CVSS 4.0 base vector indicates LOCAL attack,...

5.1CVSS5.9AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:58 a.m.5 views

CVE-2026-21041

Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS5.9AI score0.00105EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/10 4:58 a.m.8 views

EUVD-2026-42812

Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS5.9AI score0.00105EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/10 4:58 a.m.7 views

EUVD-2026-42811

Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...

6.9CVSS5.9AI score0.00099EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 4:58 a.m.33 views

CVE-2026-21040

Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...

6.9CVSS0.00099EPSS
Exploits0References1
Rows per page
Query Builder