611 matches found
CVE-2026-14736 Ruijie RG-UAC user_auth_commit.php unrestricted upload
A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-14736
Ruijie RG-UAC up to version 1.0-R1.8.2.p5 contains a vulnerability in an unknown function of file user_auth_commit.php. Manipulating the upload_image argument allows unrestricted file upload, enabling remote exploitation. The vulnerability is publicly disclosed and could be used by attackers. No ...
CVE-2026-14736
A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...
EUVD-2026-41744
A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-46018
ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES...
📄 Remote Sunrise Helper for Windows 2026.14 UAC Bypass
Remote Sunrise Helper for Windows version 2026.14 suffers from an unauthenticated UAC bypass vulnerability that enables remote code execution via /api/executeScript. !/usr/bin/env python3 Exploit Title: Remote Sunrise Helper for Windows 2026.14 - Unauthenticated UAC Bypass Elevated CMD Date:...
Windows-privilege-exploits
Elevation !Windowshttps://img.shields.io/badge/platform-Wi...
CVE-2026-40032 UAC < 3.3.0-rc1 Command Injection via Placeholder Substitution
UAC Unix-like Artifacts Collector before 3.3.0-rc1 contains a command injection vulnerability in the placeholder substitution and command execution pipeline where the runcommand function passes constructed command strings directly to eval without proper sanitization. Attackers can inject shell...
EUVD-2026-17476
Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...
CVE-2026-22561
Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...
CVE-2026-22561
Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...
SUSE CVE-2026-23318
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Use correct version for UAC3 header validation The entry of the validators table for UAC3 AC header descriptor is defined with the wrong protocol version UACVERSION2, while it should have been UACVERSION3. This...
CVE-2026-23318
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Use correct version for UAC3 header validation The entry of the validators table for UAC3 AC header descriptor is defined with the wrong protocol version UACVERSION2, while it should have been UACVERSION3. This...
CVE-2024-55027
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...
CVE-2024-55027
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...
CVE-2024-55027
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities...
CVE-2026-23755
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious...
PT-2026-3843
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious...
Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government
The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. "This organization has continued to conduct high-intensity intelligence gathering activities again...