7 matches found
SUSE CVE-2026-41323
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.18.0-rc1, 1.17.2-rc1, and 1.16.4, Kyverno's apiCall feature in ClusterPolicy automatically attaches the admission controller's ServiceAccount token to outgoing HTTP requests. The service URL has n...
EUVD-2026-23388
Red Magic 11 Pro NX809J contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific...
CVE-2026-40002
Red Magic 11 Pro NX809J contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific...
CVE-2026-40002 ZTE Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations.
Red Magic 11 Pro NX809J contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific...
CVE-2026-40002
The CVE-2026-40002 entry concerns ZTE Red Magic 11 Pro (NX809J). The vulnerability arises from a lack of validation when apps access a service interface, enabling non-privileged applications to trigger sensitive operations. Reported impact in sources includes ability to write files to specific pa...
CVE-2026-40002 ZTE Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations.
Red Magic 11 Pro NX809J contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific...
Xunlei Elevation of Privilege Vulnerability
Thunderbolt is a popular P2P download tool. Xunlei has a security vulnerability, as the system service installed by Xunlei provides the function of loading dynamic link libraries, but is not validated, allowing an attacker to exploit the vulnerability by executing code as SYSTEM under any user,...