396 matches found
CVE-2026-21040
Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...
CVE-2026-21052
Path traversal in SemClipboardService prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system privilege...
CVE-2026-21043
Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege...
CVE-2026-21040
CVE-2026-21040 affects IAFDService; the root cause is improper access control that allows local privileged attackers to use the privileged APIs prior to SMR Jul-2026 Release 1. Documented impact includes access to high-privilege APIs with local execution, and no exploitation or remediation steps ...
CVE-2026-44268
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect permission Assignment for critical resource vulnerability. A hi...
CVE-2026-46468
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access 'Link following' vulnerabilit...
CVE-2026-47166
A flaw was found in ImageMagick, a widely used software for image editing. An attacker with high privileges and local access could exploit a vulnerability in the magick -distribute-cache service. By causing a heap buffer over-read, this could lead to the disclosure of sensitive information and...
CVE-2024-45636
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...
CVE-2024-45636 IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...
CVE-2024-45636 IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...
CVE-2024-45636
The CVE-2024-45636 entry concerns IBM Security QRadar EDR. Affected: QRadar EDR 3.12–3.12.24. Issue: credentials are stored in plaintext, readable by a local privileged user (CWE-256). Impact: potential exposure of sensitive credentials on the host; CVSS v3.1 base score 4.1 (L, H, N) with Local a...
EUVD-2024-55619
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...
PT-2026-48669
Name of the Vulnerable Software and Affected Versions IBM Security QRadar EDR versions 3.12 through 3.12.24 Description User credentials are stored in plain text, which allows a local privileged user to read this sensitive information. Recommendations At the moment, there is no information about ...
IBM Security QRadar EDR 安全漏洞
IBM Security QRadar EDR is a terminal detection and response software developed by the American multinational company IBM. There are security vulnerabilities in versions 3.12 to 3.12.24 of IBM Security QRadar EDR. These vulnerabilities stem from the storage of user credentials in plain text, whic...
Security Bulletin: IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.
Summary IBM Security QRadar EDR Software is affected by a vulnerability where user credentials are stored in plain text, which could allow a local privileged user to access sensitive credential information. This vulnerability has been addressed in version 3.12.25. Vulnerability Details...
CVE-2026-44069 Integer underflow in volxlate
An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...
CVE-2026-44069
An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A flaw was discovered in the XFRM subsystem of the Linux kernel. The specific flaw occurs during the processing of state filters, which can lead to a read beyond the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially...
Astra Linux – Vulnerability in Linux, Linux 5.10
A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c within the Linux kernel. This flaw allows a local attacker with special user privileges CAPSYSADMIN or CAPSYSRAWIO to cause confidentiality issues...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A flaw was discovered in the Netfilter subsystem of the Linux kernel. The xtu32 module failed to validate the fields within the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value that exceeds the bounds of the...