2262 matches found
CVE-2026-42061
CVE-2026-42061 describes a local privilege escalation caused by excessive permissions granted to child processes in Acronis DeviceLock DLP (Windows) prior to build 9.0.15051.93227 . Affected component and root cause are stated, with the CVSSv3 score reported as 7.3 (High) and attack vector LOCAL,...
CVE-2026-35081
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
EUVD-2026-34077
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
CVE-2026-35081
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
CVE-2026-35081 Arbitrary process termination vulnerability in method ugw-logstop
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
PT-2026-46061
Name of the Vulnerable Software and Affected Versions Acronis DeviceLock DLP Windows versions prior to 9.0.15051.93227 Description Local privilege escalation occurs because excessive permissions are assigned to child processes. Recommendations Update to build 9.0.15051.93227 or later...
PT-2026-45922
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
Symantec PC Tools Internet Security has security vulnerabilities
Symantec PC Tools Internet Security is a comprehensive computer security protection software developed by Symantec Corporation. Symantec PC Tools Internet Security has a security vulnerability, which stems from improper access control in the PCTCore64.sys Windows kernel driver. This allows...
Wordfence Bug Bounty Program Monthly Report โ March 2026
In March 2026, the Wordfence Bug Bounty Program received 1718 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfence Threat...
MAECO-Lite: Modular Ontology for Dynamic Malware Analysis
Capturing dynamic malware behavior in a practical but still semantically precise manner remains a significant challenge in cyber threat intelligence. While standards such as MAEC and STIX provide widely adopted vocabularies for describing malware artifacts and observations, they represent data wi...
CVE-2026-46223
A flaw was found in the Linux kernel's cgroup subsystem. This vulnerability occurs during the rmdir operation when the process initiating the rmdir is also responsible for cleaning up zombie processes that are holding onto process namespace pidns resources. This specific scenario can lead to a...
Google Chrome ่ตๆบ็ฎก็้่ฏฏๆผๆด
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the use of GPU components that were reused after being released, potentially allowing remote attackers who had...
Google Chrome ่ตๆบ็ฎก็้่ฏฏๆผๆด
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the Extensions component reusing resources after they were released. This could allow remote attackers who have...
PT-2026-43478
The Appointment Booking Calendar โ Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to denial of service in all versions up to, and including, 1.6.11.5. This is due to a publicly accessible REST API endpoint /wp-json/ssa/v1/async that calls PHP's sleep function on a...
Malicious code in ml2000 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 871b57a598bf1230a64fa6ee85d442eb30f21915176835801871dc46c59cedf6 On invoking the ml2000 CLI with no arguments, interactivemenu in src/mllabs/generator.py writes a batch file and launches it via...
MAL-2026-4756 Malicious code in ml2000 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 871b57a598bf1230a64fa6ee85d442eb30f21915176835801871dc46c59cedf6 On invoking the ml2000 CLI with no arguments, interactivemenu in src/mllabs/generator.py writes a batch file and launches it via...
Mattermost ๅฎๅ จๆผๆด
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in versions of Mattermost 11.6.0 and earlier 11.6.x series, as well as versions prior to 11.5.3 11.5.x series, 11.4.4 and earlier 11.4.x series, and 10.11.14 and earlier 10.11.x...
On AI Security
Good report: Executive Summary: Let's say you wanted to make sure that your AI is secure. Can you just maximize the security and privacy benchmark and call it a day? Nope, because benchmarks don't actually work for measuring AI capabilities even when they are NOT emergent systemic properties like...
Astra Linux - ััะทะฒะธะผะพััั ะฒ exim4
Exim 4 before 4.94.2 has an improper neutralization of line delimiters. Local users can alter the behavior of root processes because a recipient address may contain a newline character...
Astra Linux - ััะทะฒะธะผะพััั ะฒ firefox
The leakage of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137...