3315 matches found
Privilege Escalation
AWS Advanced JDBC Wrapper is vulnerable to Privilege Escalation. The vulnerability is due to an untrusted search path issue in the GlobalDatabasePlugin, where a low-privileged authenticated user can create a crafted function that is executed when another user connects through the affected wrapper...
CVE-2026-35076
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35085
A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...
CVE-2026-35081
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
CVE-2026-35083
A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...
CVE-2026-35079
The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35080
The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35082
The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...
CVE-2026-35077
The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
EUVD-2019-20171
AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code...
PT-2026-46205
AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code...
CVE-2026-35085
A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...
CVE-2026-35080
The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35083
A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...
CVE-2026-35081
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
CVE-2026-35076
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35078
The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35077
The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
EUVD-2026-34081
A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...
CVE-2026-35085 Stack buffer overflow in method gdv-serverconfig
A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...