4744 matches found
CVE-2026-27750
Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...
CVE-2026-27750
Avira Internet Security is affected by a TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and later deletes them in a separate cleanup phase without revalidating the target path. An local attacker could ...
CVE-2026-27750 Avira Internet Security Optimizer TOCTOU
Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...
CVE-2026-27750 Avira Internet Security Optimizer TOCTOU
Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...
CVE-2026-25906
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
Avira Internet Security 安全漏洞
Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability, which stems from a race condition in the Optimizer component. This vulnerability could allow local attackers to delete protected files or directories...
GHSA-XPQW-6GX7-V673 SVGO DoS through entity expansion in DOCTYPE (Billion Laughs)
Summary SVGO accepts XML with custom entities, without guards against entity expansion or recursion. This can result in a small XML file 811 bytes stalling the application and even crashing the Node.js process with JavaScript heap out of memory. Details The upstream XML parser sax doesn't interpr...
CLEANSTART-2026-WY43835 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access
Multiple security vulnerabilities affect the postgresql package. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. See references for individual vulnerability details...
CVE-2026-25906
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2026-25906
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2026-25906
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
EUVD-2026-9321
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2026-25906
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2026-25906
CVE-2026-25906 affects Dell Optimizer, versions prior to 6.3.1. This is an Improper Link Resolution Before File Access (Link Following) vulnerability that could allow a low-privileged, locally authenticated attacker to achieve Elevation of Privileges. Exploitation details are not provided beyond ...
CVE-2026-25906
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
PT-2026-22823
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
Dell Optimizer 后置链接漏洞
Dell Optimizer is an intelligent optimization software developed by the American company Dell. Versions of Dell Optimizer prior to 6.3.1 had a post-linkage vulnerability, which stemmed from improper link resolution before file access. This vulnerability could allow local, low-privilege attackers ...
CVE-2026-25370
Missing Authorization vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress: from n/a through = 6.60.28...
CVE-2026-25387
Missing Authorization vulnerability in Elementor Image Optimizer by Elementor image-optimization allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Optimizer by Elementor: from n/a through = 1.7.1...
WordPress Image Optimizer by Elementor plugin <= 1.7.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin Image Optimizer by Elementor versions = 1.7.1...