CVE-2026-24092

Memory Corruption when processing fastboot commands to set display mode...

CVE-2026-24090

Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow...

CVE-2026-24085

Memory Corruption when processing display command line information due to improper initialization of a variable...

CVE-2026-24087

Memory corruption while processing fastboot OEM commands...

CVE-2026-10300

A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/loramanager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lorapath leads to reachable assertion. The attack can be launched...

CVE-2026-24089

Memory corruption while processing fastboot commands with invalid input...

CVE-2026-10299

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...

CVE-2026-24091

Memory corruption while processing fastboot commands with improperly formatted input...

CVE-2026-24088

Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...

CVE-2026-10295

A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function addreview/savereview/getallreviews of the file reviewapp.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approac...

CVE-2026-10296

A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

CVE-2026-10298

A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and...

CVE-2026-10297

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /managecourse.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

CVE-2025-59612

Memory corruption in windows drivers while sending incorrect trusted application request...

CVE-2025-59614

Memory Corruption when sending random number generator command with insufficient output buffer size...

CVE-2025-59609

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

CVE-2025-59610

Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...

CVE-2025-59611

Memory corruption in diagnostic services due to absence of input validation...

CVE-2025-59613

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

CVE-2025-59605

Memory Corruption when processing device identifier strings that exceed the expected maximum length...

CVE-2025-59604

Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer...

CVE-2025-59606

Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization...

CVE-2025-59601

Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration...

CVE-2019-25718

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

CVE-2026-28580

In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-28581

In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an emergency call due to a logic error in the code. This could lead to local with null execution privileges needed. User interaction is null for exploitation...

CVE-2026-40964

Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and platform component via minting a JWT that the cf-auth-proxy accepts as a valid logs.admin token...

CVE-2026-40965

Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC Elliptic Curve private keys are inadvertently exposed through the public /tokenkeys endpoint. This endpoint is designed to provide public key material for JW...

CVE-2026-49491

Pixa Bank 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to extract sensitive data by injecting SQL code into the 'rib' parameter. Attackers can send POST requests to the agence-ajax.php endpoint with UNION-based SQL payloads to retrieve user information includi...

CVE-2026-28586

In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-10293

A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/formFireWall. This manipulation of the argument Profile causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be...

CVE-2026-28578

In multiple functions of DevicePolicyManagerService.java, there is a possible desync from persistence due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-10291

A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient...

CVE-2026-28577

In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-10292

A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2026-10294

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...

CVE-2026-0100

In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0095

In l2cfcrclonebuf of l2cfcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2026-0097

In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-10290

A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack can be launched...

CVE-2026-0099

In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2026-0096

In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0098

In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0085

In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0086

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0080

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0089

In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0079

In multiple functions of ubsanthrowingruntime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0094

In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

CVE-2026-0088

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...