11 matches found
CVE-2026-15702
A security vulnerability has been detected in tamagui up to 2.3.0. This affects the function updateConfig of the file code/core/web/src/config.ts. Such manipulation leads to improperly controlled modification of object prototype attributes. The attack may be performed from remote. Upgrading to...
CVE-2026-15702 tamagui config.ts updateConfig prototype pollution
A security vulnerability has been detected in tamagui up to 2.3.0. This affects the function updateConfig of the file code/core/web/src/config.ts. Such manipulation leads to improperly controlled modification of object prototype attributes. The attack may be performed from remote. Upgrading to...
CVE-2026-15702 tamagui config.ts updateConfig prototype pollution
A security vulnerability has been detected in tamagui up to 2.3.0. This affects the function updateConfig of the file code/core/web/src/config.ts. Such manipulation leads to improperly controlled modification of object prototype attributes. The attack may be performed from remote. Upgrading to...
CVE-2026-15702
CVE-2026-15702 affects tamagui up to version 2.3.0. The vulnerability is in updateConfig (code/core/web/src/config.ts) and enables improper modification of object prototype attributes, with remote exploitation possible. A fix is available in version 2.3.1, and the patch is identified by the commi...
GO-2025-3768 Velociraptor vulnerable to privilege escalation via UpdateConfig artifact in www.velocidex.com/golang/velociraptor
Velociraptor vulnerable to privilege escalation via UpdateConfig artifact in www.velocidex.com/golang/velociraptor...
Velociraptor vulnerable to privilege escalation via UpdateConfig artifact
Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...
GHSA-GPFC-MPH4-QM24 Velociraptor vulnerable to privilege escalation via UpdateConfig artifact
Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...
CVE-2025-6264 Velociraptor priviledge escalation via UpdateConfig artifact
Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...
CVE-2025-6264 Velociraptor priviledge escalation via UpdateConfig artifact
Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...
CVE-2025-6264
Velociraptor CVE-2025-6264 describes privilege escalation via the Admin.Client.UpdateClientConfig artifact. The issue arises because this artifact does not enforce an additional required permission, allowing users with COLLECT_CLIENT (usually Investigator) to collect it and update configuration. ...
CompleteFTP Professional 12.1.3 - Remote Code Execution
Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE‑2019‑16116...