122199 matches found
GNUnet P2P Framework 0.26.2
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
CVE-2025-12694
A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...
CVE-2025-12694
Forcepoint VPN Client for Windows is affected by a local privilege escalation (CVE-2025-12694) that allows a local non-administrative user to escalate privileges to SYSTEM. Affected versions: Windows client 6.11.3 and prior. The vulnerability is local with low attack complexity and no user intera...
Hacking Meta’s AI Chatbot
Hackers are convincing Meta's AI support chatbot to let them take over other peoples' accounts: A video posted on X showed the step-by-step process to hack someone's Instagram account. The hacker allegedly used a VPN to spoof the targets' presumed location to avoid triggering Instagram's automate...
CVE-2026-50214
The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans...
CVE-2026-50224 Unauthenticated IPv6 WAN Management Exposure
The web administration panel binds broadly to the public IPv6 address space on port :::8080 without default firewall limits, making internal API endpoints reachable over the WAN...
EUVD-2026-34228
The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans...
CVE-2026-50208
CVE-2026-50208 describes a vulnerability where TrustAllCerts routines bypass TLS certificate validation and are combined with hard-coded DES keys, enabling a MitM actor to decrypt network traffic. Documented impact includes high confidentiality and integrity risks with network traffic exposure; n...
EUVD-2026-34220
High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...
CVE-2026-50208 Permissive TrustAllCerts TLS Verification
High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...
CVE-2026-50206 VPN Command Injection Vulnerability
Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files...
EUVD-2026-34218
Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files...
CVE-2026-50206
Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files...
CVE-2026-50206
CVE-2026-50206 affects VPN network profile handling where special characters in config files are not safely processed, enabling command injection. Root cause: improper sanitization or parsing of config entries leads to execution of injected commands when reading malicious config files. Documented...
CVE-2026-10805
A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...
CVE-2026-10805
Summary : CVE-2026-10805 concerns NetworkManager’s dhclient backend, which may misprocess malformed MUD URLs to enable local privilege escalation. What’s affected : NetworkManager (dhclient backend); only when administrator explicitly configures NetworkManager to use dhclient. Default configurati...
CVE-2026-10805
A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...
EUVD-2026-34207
A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...
CVE-2026-10805
A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...