1738 matches found
The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.
The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
CVE-2026-14719
CVE-2026-14719 describes a privilege-management flaw in SourceCodester Onlne Examination & Learning Management System 1.0. The vulnerable component is the register.php file of the Registration Endpoint. An attacker can manipulate the role parameter to achieve improper privilege management, and th...
EUVD-2026-41733
A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The...
ZenML ZenML Server - Improper Authentication
ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/usernameorid/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. id: CVE-2024-25723 info:...
CVE-2026-20458
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-20458
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-20458
CVE-2026-20458 affects the Modem with a memory corruption via a missing bounds check. This could enable remote escalation of privilege if a UE connects to a rogue base station, with no extra execution privileges required and no user interaction. Exploitation is described as adjacent access under ...
EUVD-2026-40871
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...
DEBIAN-CVE-2026-14078
Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14041
Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14036
Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13928
Insufficient validation of untrusted input in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13903
CVE-2026-13903 affects Google Chrome’s Bluetooth implementation. The connected records describe insufficient policy enforcement in Chrome prior to version 150.0.7871.47, enabling privilege escalation via a crafted HTML page. There is no explicit exploitation detail or confirmed in-the-wild use in...
CVE-2026-13903
Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13897
Insufficient policy enforcement in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
PT-2026-54205
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the Enterprise component allows a remote attacker to perform privilege escalation through the use of a crafted HTML page. Recommendations...
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit users documents with duplicate keysfor 'roles' used for access control within the database, including the special case 'admin' role, th...
ROS-20260622-73-0008
The vulnerability of the WebRender component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in the Updater component of Google Chrome prior to version 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation through a malicious file. Chromium security severity: High...
Astra Linux – Vulnerability in python-gevent
A vulnerability in Gevent prior to version 23.9.0 allows a remote attacker to escalate privileges through a crafted script to the WSGIServer component...