57 matches found
Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation
Exploit Title: Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation Exploit Details: https://xavibel.com/2025/12/22/using-vulnerable-drivers-in-red-team-exercises/ Date: 8/12/2025 Exploit Author: Xavi Beltran Vendor Homepage:...
CVE-2026-40259
SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id directly to a model...
CVE-2026-34214
Trino’s Iceberg REST catalog vulnerability (CVE-2026-34214) affects versions 439–479, where static or vended credentials used by the Iceberg REST catalog could be accessed by users with SQL write privileges via query JSON. The issue has been patched in version 480. Affected users should upgrade t...
EUVD-2026-17459
Trino is a distributed SQL query engine for big data analytics. From version 439 to before version 480, Iceberg connector REST catalog static credentials access key or vended credentials temporary access key are accessible to users that have write privilege on SQL level. This issue has been patch...
CVE-2026-34214 Trino: Iceberg REST catalog static and vended credentials are accessible via query JSON
Trino is a distributed SQL query engine for big data analytics. From version 439 to before version 480, Iceberg connector REST catalog static credentials access key or vended credentials temporary access key are accessible to users that have write privilege on SQL level. This issue has been patch...
CVE-2022-26743
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.4. An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges...
CVE-2019-2016
In NFASendRawFrame of nfadmapi.cc, there is a possible out-of-bound write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
CVE-2024-33507
An insufficient session expiration vulnerability CWE-613 and an incorrect authorization vulnerability CWE-863 in FortiIsolator 2.4.0 through 2.4.4, 2.3 all versions, 2.2.0, 2.1 all versions, 2.0 all versions authentication mechanism may allow remote unauthenticated attacker to deauthenticate logg...
EUVD-2019-11677
Malware in sbrugna...
EUVD-2018-21150
Malware in sbrugna...
EUVD-2020-1616
Malware in sbrugna...
EUVD-2019-11741
Malware in sbrugna...
EUVD-2021-26150
Malware in sbrugna...
EUVD-2025-10074
Malicious code in bioql PyPI...
EUVD-2022-45590
Malicious code in bioql PyPI...
EUVD-2022-45592
Malicious code in bioql PyPI...
EUVD-2022-25856
Malicious code in bioql PyPI...
EUVD-2023-51556
Malicious code in bioql PyPI...