256654 matches found
VoipMonitor - Pre-Auth SQL Injection
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level. id: CVE-2022-24260 info: name: VoipMonitor - Pre-Auth SQL Injection author: gy741 severity: critical description: A SQL injection vulnerability in Voipmonitor GUI...
CVE-2026-54483
CVE-2026-54483 affects Dell PowerProtect Data Domain: versions 7.7.1.0–8.6, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70. The vulnerability is described as OS command injection caused by improper neutralization of special elements in certain OS commands. A hi...
CVE-2026-41124
Affected product: Dell PowerProtect Data Domain (versions 7.7.1.0–8.6; LTS2026 8.6.1.0–8.6.1.10; LTS2025 8.3.1.0–8.3.1.30; LTS2024 7.13.1.0–7.13.1.70). Vulnerability: Improper restriction of a pathname to a restricted directory (path traversal) allowing a high-privileged, locally authenticated at...
CVE-2026-44268
Dell PowerProtect Data Domain (versions 7.7.1.0–8.6, plus LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) contains an incorrect permission assignment for a critical resource vulnerability. A high-privileged attacker with local access could potentially exploit this ...
CVE-2026-14544
A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...
CVE-2026-14544
CVE-2026-14544 concerns HPLIP (HP Linux Imaging and Printing Software) with an integer overflow in the hpcups processing path when handling specially crafted print data. This is described as an incomplete fix for CVE-2026-8631. The vulnerability may allow a remote attacker to escalate privileges ...
EUVD-2022-56011
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...
CVE-2022-4989
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...
CVE-2022-4989
CVE-2022-4989 affects the ASUS AI Suite 3 driver. The root cause is improper validation of a specified quantity in input, enabling a local user to craft IOCTL requests that access unintended memory regions and escalate privileges. The CVSS indicates high impact to confidentiality, integrity, and ...
EUVD-2022-56010
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...
CVE-2022-4990
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...
CVE-2022-4990
CVE-2022-4990 affects the ASUS AI Suite 3 driver. The vulnerability arises from improper validation of a specified quantity in input, enabling a local attacker to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation. The docume...
CVE-2026-8921
The CVE-2026-8921 entry concerns ASUS Business Manager. It describes an External Control of File Name or Path vulnerability that allows a local user to execute arbitrary code with SYSTEM privileges by sending a tampered IPC message. Affected product is ASUS Business Manager; the root cause is con...
EUVD-2026-41443
Server-side request forgery ssrf in Azure OpenAI allows an authorized attacker to elevate privileges over a network...
EUVD-2026-41442
Server-side request forgery ssrf in Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a network...
EUVD-2026-41445
Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-41444
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network...
EUVD-2026-41460
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and...
CVE-2026-13079
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and...
CVE-2026-13079
CVE-2026-13079 describes a local privilege escalation in the WatchGuard Mobile VPN with SSL client for Windows . The issue allows a local attacker to escalate to NT AUTHORITY\SYSTEM on the machine hosting the Windows client. Affected scope includes the Windows client versions up to and including ...