Lucene search
K

350 matches found

NVD
NVD
added 2026/07/03 8:16 a.m.6 views

CVE-2026-14544

A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...

9.8CVSS0.00511EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTM...

8.8CVSS6.2AI score0.00345EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13903

Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.8AI score0.00345EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14078

CVE-2026-14078 : Insufficient validation of untrusted input in WebRTC within Google Chrome (Chromium) before 150.0.7871.47 allows a remote attacker to escalate privileges via a crafted HTML page. Affects Chrome/Chromium WebRTC components; impact described as high for confidentiality, integrity, a...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.4 views

CVE-2026-14078

Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

8.8CVSS5.8AI score0.00253EPSS
Exploits0
EUVD
EUVD
added 2026/06/17 6:35 p.m.11 views

EUVD-2025-210215

In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8CVSS5.7AI score0.00094EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/17 5:53 a.m.31 views

CVE-2025-48640

In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00094EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 6:0 a.m.35 views

CVE-2026-11494

CVE-2026-11494 affects TOTOLINK AC1200 T8 firmware 4.1.5cu.8611, specifically an issue in the /etc/vsftpd.conf configuration of the vsftpd component. The described vulnerability arises from manipulation of the vsftpd.conf-related function, resulting in a least privilege violation. The advisory in...

5.3CVSS5.2AI score0.00215EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.10 views

CVE-2026-32658

Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...

8.8CVSS5.5AI score0.00235EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.10 views

CVE-2026-6912

Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...

8.8CVSS5.6AI score0.00419EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:5 p.m.20 views

CVE-2026-11170

CVE-2026-11170 describes an insecure implementation in Chromoting within Google Chrome on Linux, where a remote attacker could achieve OS‑level privilege escalation through malicious network traffic prior to Chrome/Chromium 149.0.7827.53. The issue affects the Chromoting component and is identifi...

8.1CVSS5.8AI score0.00238EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient validation for untrusted inputs, which could allow remote attackers to escalate their privileges...

7.5CVSS5.3AI score0.00285EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/01 9:14 p.m.33 views

CVE-2026-0097

In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00121EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 10:3 p.m.6 views

CVE-2026-33843

Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges over a network...

9.1CVSS5.8AI score0.00473EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in etcd

An authentication vulnerability has been discovered in Etcd-io v.3.4.10. This vulnerability allows remote attackers to escalate privileges through the debug function...

9.8CVSS6.8AI score0.01605EPSS
Exploits0References1
Redos
Redos
added 2026/05/06 12:0 a.m.8 views

ROS-20260506-73-0029

Vulnerability in tomcat11 related to a flaw in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

9.1CVSS5.8AI score0.00715EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-35028

Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...

8.8CVSS5.5AI score0.00419EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-30789

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation...

8CVSS6.1AI score0.00294EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.9 views

PT-2026-28087

An issue in ralphje Signify before v.0.9.2 allows a remote attacker to escalate privileges via the signed data.py and the context.py components...

5.8AI score0.00343EPSS
Exploits0References6
NVD
NVD
added 2026/03/10 9:16 p.m.5 views

CVE-2026-0111

In nsGetUserData of nsSmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS0.00306EPSS
Exploits0References2
Rows per page
Query Builder