EUVD-2026-35464

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

CVE-2026-9210

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

CVE-2026-0412

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

CVE-2026-0415

CVE-2026-0415 affects certain NETGEAR Orbi routers where insufficient input validation by the device allows authenticated administrators on the local network to modify router software and functionality without authorization. The description specifies that the vulnerability arises from input valid...

CVE-2026-0415 Insufficient input validation vulnerability in certain Orbi routers

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

CVE-2026-0417 Insufficient input validation in certain NETGEAR routers

Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity...

CVE-2026-0412 Insufficient input validation vulnerability in NETGEAR JR6150 Web UI

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

PT-2026-47819

Name of the Vulnerable Software and Affected Versions NETGEAR affected versions not specified Description Insufficient input validation allows authenticated administrators connected to the local network to make unauthorized modifications to router software and functionality...

Genetec Update Service 安全漏洞

The Genetec Update Service is a patch distribution backend component of the American company Genetec. There is a security vulnerability in the Genetec Update Service. This vulnerability stems from the possibility of local administrators leaking information from the configuration page, which could...

SAP NetWeaver 代码问题漏洞

SAP NetWeaver is a service-oriented integrated application platform developed by the German company SAP. This platform primarily provides development and runtime environments for SAP applications. There are code-related vulnerabilities in SAP NetWeaver, particularly those related to deserializati...

PT-2025-39221

Name of the Vulnerable Software and Affected Versions Click Programming Software version v3.60 Description A security issue allows a local user, while an administrator session is active, to steal credentials stored in clear text. The issue involves the cleartext storage of sensitive information a...

CVE-2022-27592

An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow local authenticated administrators to execute unauthorized code or commands via unspecified vectors. We have already fixed the vulnerability in the following...

PT-2024-11545 · Qnap · Qvr Smart Client

Name of the Vulnerable Software and Affected Versions: QVR Smart Client versions prior to 2.4.0.0570 Description: An unquoted search path or element issue has been reported, which could allow local authenticated administrators to execute unauthorized code or commands via unspecified vectors...

CVE-2024-32765

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS...

CVE-2024-32765

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS...

Design/Logic Flaw

An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors. We have...

CVE-2022-27599

An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already...

CVE-2020-27585

Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password...

CVE-2020-27587

Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password...

Privilege escalation

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...