162584 matches found
CVE-2026-35079
The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35079
The CVE-2026-35079 entry describes an issue in the ugw-restore method where a remote attacker with user privileges can delete arbitrary local files due to insufficient validation of user-controlled input. The vulnerability is assessed with high severity (CVSS 4.0: base 7.2; CVSS 3.1: base 8.1), r...
EUVD-2026-34075
The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
EUVD-2026-34074
The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35078
The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35078
CVE-2026-35078 affects the ugw-logstop method. The vulnerability allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input. According to the connected records, CVSS v4.0 base score 7.2 (HIGH) and CVSS v3.1 base score 8.1 ...
CVE-2026-35078 Arbitrary file delete vulnerability in method ugw-logstop
The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35078 Arbitrary file delete vulnerability in method ugw-logstop
The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
EUVD-2026-34073
The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35077
The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35077 Arbitrary file delete vulnerability in method ugw-delete-file
The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35077
Technical details such as affected product versions, root cause specifics, and remediation are not publicly available in the provided documents. Monitor for updates from CERT VDE and CVE listings.
EUVD-2026-34072
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35076
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35076
CVE-2026-35076 describes an arbitrary local file delete vulnerability in the bac-scanresult method caused by insufficient validation of user-controlled input. The issue allows a remote attacker with user privileges to delete arbitrary local files. The provided metrics indicate a high-severity imp...
CVE-2026-35076 Arbitrary file delete vulnerability in method bac-scanresult
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35076 Arbitrary file delete vulnerability in method bac-scanresult
The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-0078
In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-59611
Memory corruption in diagnostic services due to absence of input validation...
google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...