Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a lack of privilege checking in the onLastAccessedStackLoaded function in ActionHandler.java, which can be exploited by an attacker to...

PT-2025-35600

Name of the Vulnerable Software and Affected Versions: Dell Alienware Command Center versions prior to 5.10.2.0 Description: Dell Alienware Command Center AWCC contains an Improper Link Resolution Before File Access 'Link Following' issue. A local attacker with low privileges could potentially...

PT-2025-35590

Name of the Vulnerable Software and Affected Versions: Samsung Magician versions 6.3 through 8.3 Description: An attacker can achieve Elevation of Privileges to SYSTEM by exploiting insecure file delete operations during the update process. Recommendations: Update Samsung Magician to a version...

MediaTek Modem 资源管理错误漏洞

MediaTek Modem is a 5G modem technology from MediaTek, a Chinese company. A resource management error vulnerability exists in MediaTek Modem that stems from memory corruption due to reuse after release, which could lead to local elevation of privilege...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from an unchecked command index, which could lead to local elevation of privilege...

MediaTek Modem 资源管理错误漏洞

MediaTek Modem is a 5G modem technology from MediaTek, a Chinese company. A resource management error vulnerability exists in MediaTek Modem that stems from memory corruption due to reuse after release, which could lead to local elevation of privilege...

MediaTek Modem 缓冲区错误漏洞

MediaTek Modem is a 5G modem technology from MediaTek, a Chinese company. A buffer error vulnerability exists in MediaTek Modem that stems from a lack of boundary checking leading to out-of-bounds writes, which could lead to remote elevation of privilege...

Acronis Cyber Protect Cloud Agent 安全漏洞

Acronis Cyber Protect Cloud Agent is a cloud agent from Acronis Switzerland. A security vulnerability exists in versions prior to Acronis Cyber Protect Cloud Agent build 40734, which stems from insecure folder permissions that could lead to local elevation of privileges...

Tenda AC10 安全漏洞

Tenda AC10 is a dual-band Gigabit wireless router launched by Shenzhen Jixiang Tenda Technology Co., Ltd, mainly for 200M and above fiber optic users. Tenda AC10 suffers from an elevation of privilege vulnerability, which stems from an ate service input validation flaw that results in elevation t...

Dell ThinOS 10 安全漏洞

DELL ThinOS 10 is a next-generation thin client operating system from Dell designed for virtual desktop infrastructure VDI to improve security, efficiency and user experience. DELL ThinOS 10 suffers from an elevation of privilege vulnerability that stems from improper assignment of critical...

Dell ThinOS 10 参数注入漏洞

DELL ThinOS 10 is a next-generation thin client operating system from Dell designed for virtual desktop infrastructure VDI to improve security, efficiency and user experience. DELL ThinOS 10 suffers from a parameter injection vulnerability that stems from improper parameter delimiter...

Cisco UCS Manager Software 操作系统命令注入漏洞

Cisco UCS Manager Software is a device management software from Cisco. Cisco UCS Manager Software suffers from an operating system command injection vulnerability that stems from insufficient validation of command parameter input, which could lead to elevation of privilege...

CVE-2025-22409

In rfcsendbufuih of rfctsframes.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Agiloft 安全漏洞

Agiloft is a contract management platform from Agiloft Corporation in the United States. A security vulnerability exists in Agiloft Release 28 that stems from the use of default credentials by multiple accounts, which could lead to local elevation of privilege...

Moxa Utility for DRP-A100 Series 安全漏洞

Moxa Utility for DRP-A100 Series is a software tool from Moxa Corporation, Taiwan, China, that simplifies the configuration and management of the device. A security vulnerability exists in Moxa Utility for DRP-A100 Series, which stems from an un-referenced path configuration in...

Apache Cassandra 安全漏洞

Apache Cassandra is a distributed Nosql database from the Apache USA Foundation. A security vulnerability exists in Apache Cassandra versions 3.0.30, 3.11.17, 4.0.16, 4.1.7, and 5.0.2, which stems from an improperly defined privilege that could lead to elevation of privilege...

Rebuild 安全漏洞

Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild version 4.0.4, which stems from a flaw in the filtering code of the RebuildWebInterceptor class that could lead to information disclosure or elevation of privilege...

PDQ Smart Deploy 安全漏洞

PDQ Smart Deploy is a Windows device imaging and deployment software from PDQ Corporation. A security vulnerability exists in PDQ Smart Deploy version 3.0.2040, which stems from a flaw in the credential encryption routines in SDCommon.dll that could lead to elevation of privilege...

Exagrid EX10 安全漏洞

Exagrid EX10 is a backup storage server from Exagrid Corporation, USA. A security vulnerability exists in Exagrid EX10 version 7.0.1p02, which originates from the presence of XML external entity injection in the /init API endpoint, which could lead to information disclosure and elevation of...

CVE-2025-6181

The StrongDM Windows service incorrectly handled input validation. Authenticated attackers could potentially exploit this leading to privilege escalation...