Lucene search
+L

413 matches found

nvd
nvd
added yesterday9 views

CVE-2026-8920

Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On...

8.5CVSS0.0009EPSS
Exploits0References1
cve
cve
added yesterday9 views

CVE-2026-8920

The vulnerability CVE-2026-8920 concerns ASUS Aura Wallpaper Service. It describes Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path, enabling a local user to perform file operations by sending crafted commands that contain an arbitrary ...

8.5CVSS6.2AI score0.0009EPSS
Exploits0References1
cvelist
cvelist
added yesterday35 views

CVE-2026-8920

Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On...

8.5CVSS0.0009EPSS
Exploits0References1
euvd
euvd
added yesterday6 views

EUVD-2026-44586

Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On...

8.5CVSS6.2AI score0.0009EPSS
Exploits0References1
nvd
nvd
added 6 days ago13 views

CVE-2026-21043

Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege...

6.7CVSS0.00129EPSS
Exploits0References1
euvd
euvd
added 6 days ago5 views

EUVD-2026-42814

Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege...

6.7CVSS5.9AI score0.00129EPSS
Exploits0References1
cve
cve
added 6 days ago8 views

CVE-2026-21043

CVE-2026-21043 describes a path traversal in the Wallpaper service prior to SMR Jul-2026 Release 1, enabling local attackers with system server privileges to access files. Impact: Confidentiality affected (HIGH) as per Samsung’s CVSS; exploitation details and fixes are not provided in the connect...

6.7CVSS5.9AI score0.00129EPSS
Exploits0References1
attackerkb
attackerkb
added 6 days ago5 views

CVE-2026-21043

Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege...

6.7CVSS5.9AI score0.00129EPSS
Exploits0References2
cvelist
cvelist
added 6 days ago35 views

CVE-2026-21043

Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege...

6.7CVSS0.00129EPSS
Exploits0References1
securelist
securelist
added 2026/06/16 9:0 a.m.18 views

Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk

Since late 2025, malware has been spreading rapidly through the Steam Workshop, the gaming platform's built-in service for players to create and share custom content. The attackers are primarily targeting gamers in China and Russia, aiming to hijack their accounts. To pull this off, they are...

5.5AI score
Exploits0
thn
thn
added 2026/06/15 11:7 a.m.27 views

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic

Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program PUP family. The cluster spans 38 separate Chrome Web Store publisher accounts and three brand backends: tabplugins.com,...

5.5AI score
Exploits0
euvd
euvd
added 2026/06/05 10:15 a.m.14 views

EUVD-2026-34798

Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information...

6.4CVSS5.4AI score0.00093EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/05 10:15 a.m.7 views

CVE-2026-21026

Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information...

6.4CVSS5.5AI score0.00093EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.19 views

PT-2026-46916

Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information...

6.4CVSS5.4AI score0.00093EPSS
Exploits0References2
fedora
fedora
added 2026/04/16 11:42 p.m.8 views

[SECURITY] Fedora 44 Update: plasma-login-manager-6.6.4-1.fc44

Plasma Login provides a display manager for KDE Plasma and with an new frontend providing a greeter, wallpaper plugin integration and a System Settings module KCM...

5.8AI score
Exploits0
euvd
euvd
added 2026/03/21 6:31 p.m.6 views

EUVD-2019-19899

Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to...

8.8CVSS6.2AI score0.00338EPSS
Exploits1References5
nvd
nvd
added 2026/03/21 4:16 p.m.7 views

CVE-2019-25576

Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to...

8.8CVSS0.00338EPSS
Exploits1References4
attackerkb
attackerkb
added 2026/03/21 3:30 p.m.3 views

CVE-2019-25576

Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to...

8.8CVSS6.2AI score0.00338EPSS
Exploits1References4Affected Software1
vulnrichment
vulnrichment
added 2026/03/21 3:30 p.m.1 views

CVE-2019-25576 Kepler Wallpaper Script 1.1 SQL Injection via category

Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to...

8.8CVSS6.2AI score0.00338EPSS
Exploits1References4
cve
cve
added 2026/03/21 3:30 p.m.13 views

CVE-2019-25576

CVE-2019-25576 affects Kepler Wallpaper Script 1.1 and is described as an SQL injection in the category parameter. An unauthenticated attacker can send GET requests with URL-encoded SQL UNION statements to retrieve data such as usernames, database names, and MySQL version details. The connected s...

8.8CVSS6.2AI score0.00338EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder