223 matches found
CVE-2026-14052
Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11466
A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...
Linux Distros Unpatched Vulnerability : CVE-2026-11210
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Safe Browsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a...
CVE-2026-11210
Inappropriate implementation in Safe Browsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted RAR file. Chromium security severity: Medium...
CVE-2026-11210
CVE-2026-11210 concerns Google Chrome’s Safe Browsing component. The issue is an inappropriate implementation that allows a remote attacker to bypass discretionary access control via a crafted RAR file, affecting Chrome builds prior to 149.0.7827.53 . The vulnerability is remote, requires user in...
CVE-2026-9517
A vulnerability was determined in hemant6488 CodeIgniter-StudentManagementSystem. The affected element is an unknown function of the file /index.php/students/addStudentView of the component Student Management Handler. Executing a manipulation can lead to improper access controls. The attack can b...
CVE-2026-9412
Technical details about CVE-2026-9412 are not publicly available in the provided documents. Monitor sources for updates on affected components, impact, and remediation.
Siemens SINEC NMS 数据伪造问题漏洞
Siemens SINEC NMS is a network management system developed by Siemens in Germany. This system can be used for round-the-clock centralized monitoring, management, and configuration of industrial networks containing tens of thousands of devices, including those related to security applications...
CVE-2026-5526
CVE-2026-5526 affects Tenda 4G03 Pro devices (firmware up to 1.0/1.1/04.03.01.53/192.168.0.1). The vulnerability targets an unknown functionality of the /bin/httpd binary, causing improper access controls. Reported as exploitable remotely, with public exploit code available. Multiple connected so...
EUVD-2026-17060
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function processtype2route of the file bgpd/bgpevpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to ha...
PT-2026-26887
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
CVE-2026-4193
A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function...
CVE-2025-15597
Summary of CVE-2025-15597 (Dataease SQLBot) : A vulnerability affects SQLBot up to version 1.4.0 in the API Endpoint component, specifically the file backend/apps/system/api/assistant.py. The issue enables manipulation that leads to improper access controls and can be exploited remotely. Public d...
CVE-2026-2206
A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...
CVE-2026-2009
A flaw has been found in SourceCodester Gas Agency Management System 1.0. This issue affects some unknown processing of the file /gasmark/phpaction/createUser.php. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-2009
A flaw has been found in SourceCodester Gas Agency Management System 1.0. This issue affects some unknown processing of the file /gasmark/phpaction/createUser.php. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-1964
A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file models/boards.js of the component REST Endpoint. This manipulation causes improper access controls. Remote exploitation of the attack is possible. Upgrading to version 8.21 will fix this issue. Patch...
CVE-2026-1734
A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...
CVE-2009-4913
The IPv6 implementation on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622...
CVE-2020-12669
core/getmenudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter...