350 matches found
CVE-2026-14544
A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...
Linux Distros Unpatched Vulnerability : CVE-2026-13903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTM...
DEBIAN-CVE-2026-13903
Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14078
CVE-2026-14078 : Insufficient validation of untrusted input in WebRTC within Google Chrome (Chromium) before 150.0.7871.47 allows a remote attacker to escalate privileges via a crafted HTML page. Affects Chrome/Chromium WebRTC components; impact described as high for confidentiality, integrity, a...
CVE-2026-14078
Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
EUVD-2025-210215
In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48640
In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-11494
CVE-2026-11494 affects TOTOLINK AC1200 T8 firmware 4.1.5cu.8611, specifically an issue in the /etc/vsftpd.conf configuration of the vsftpd component. The described vulnerability arises from manipulation of the vsftpd.conf-related function, resulting in a least privilege violation. The advisory in...
CVE-2026-32658
Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2026-6912
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
CVE-2026-11170
CVE-2026-11170 describes an insecure implementation in Chromoting within Google Chrome on Linux, where a remote attacker could achieve OS‑level privilege escalation through malicious network traffic prior to Chrome/Chromium 149.0.7827.53. The issue affects the Chromoting component and is identifi...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient validation for untrusted inputs, which could allow remote attackers to escalate their privileges...
CVE-2026-0097
In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-33843
Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges over a network...
Astra Linux – Vulnerability in etcd
An authentication vulnerability has been discovered in Etcd-io v.3.4.10. This vulnerability allows remote attackers to escalate privileges through the debug function...
ROS-20260506-73-0029
Vulnerability in tomcat11 related to a flaw in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...
PT-2026-35028
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
PT-2026-30789
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation...
PT-2026-28087
An issue in ralphje Signify before v.0.9.2 allows a remote attacker to escalate privileges via the signed data.py and the context.py components...
CVE-2026-0111
In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...