CVE-2025-26435

In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2025-26435

In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2025-26435

CVE-2025-26435 affects ContentProtectionTogglePreferenceController.java and is due to a logic error in updateState that could allow a secondary user to disable the primary user's app scanning setting, enabling local privilege escalation without additional privileges or user interaction. The entry...

ASB-A-409318132

In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...

Linux Distros Unpatched Vulnerability : CVE-2025-38470

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the rx-vlan- filter feature is enabled on a net device, the 8021q module...

MAL-2025-37010 Malicious code in toggle-nose (npm)

The package toggle-nose was found to contain malicious code...

Malicious code in toggle-nose (npm)

The package toggle-nose was found to contain malicious code...

CVE-2025-24323

Improper access control in some firmware package and LED mode toggle tool for some IntelR PCIe Switch software before version MR41.0b1 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-24323

Improper access control in some firmware package and LED mode toggle tool for some IntelR PCIe Switch software before version MR41.0b1 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-24323

The CVE-2025-24323 issue affects Intel(R) PCIe Switch software (firmware package and LED mode toggle tool) prior to MR4_1.0b1. The root cause is improper access control, enabling a local, privileged user to escalate privileges. Impact is described as escalation of privilege with local access (no ...

@adaptui/react-native-tailwind (>=1.0.0-alpha.0 <=1.0.0-alpha.12), @admin-layout/gluestack-ui-mobile (>=6.5.1-alpha.0 <=12.2.4-alpha.49) +195 more potentially affected by unknown CVE via @react-native-aria/toggle (=0.2.11)

@react-native-aria/toggle NPM version =0.2.11 is affected by a known vulnerability. The following packages have a transitive dependency on @react-native-aria/toggle and may be impacted: - @adaptui/react-native-tailwind =1.0.0-alpha.0, =6.5.1-alpha.0, =1.0.1, =0.0.3, =0.1.21, =1.0.0, =0.1.0-alpha2...

CVE-2024-1689

The WooCommerce Tools plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woocommercetooltogglemodule function in all versions up to, and including, 1.2.9. This makes it possible for authenticated attackers, with subscriber-level access...

CVE-2024-5654

The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'executepostdatacg7free' function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated attackers to toggle site...

CVE-2024-12459

The Ganohrs Toggle Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'toggle' shortcode in all versions up to, and including, 0.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-2189

The Elementor Addons, Widgets and Enhancements – Stax plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the togglewidget function in versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with...

CVE-2023-21369

In Usage Access, there is a possible way to display a Settings usage access restriction toggle screen due to a permissions bypass. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2023-21175

In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2019-14795

The toggle-the-title aka Toggle The Title plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=updatetitleoptions isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter...

CVE-2025-32561

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plugins.club WPDEBUG Toggle enable-wp-debug-toggle allows Reflected XSS.This issue affects WPDEBUG Toggle: from n/a through = 1.1...

Malicious code in @sporta-technology/d11-web-components.toggle-button (npm)

--- -= Per source details. Do not edit below this line.=-...