Vulnerabilites CVE

A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated, adjacent attacker with ad...

AVACAST developed by eMPIA Technology has a Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrar...

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//)...

Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentia...

A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticated user to execute code with elevated privileges.

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralizati...

Insecure inherited permissions for some Intel(R) Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary wi...

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NYSL Spam Protect for Contact Form 7 wp-contact-form-7-spam-blocker allows Path Traversal.This issue aff...

A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. W...

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading t...

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to ...

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.8.4` contains a Windows-only command injection issue in the orphaned Chrome cleanup path. W...

Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.

Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated u...

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may a...

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able ...

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0 all versions allows an authen...

Tanium addressed a local privilege escalation vulnerability in Tanium Server.

Incorrect default permissions for some Intel(R) Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticate...

Improper neutralization of special elements used in a command ('command injection') in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.

An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files during installation by placing a malicious DLL in adva...

Incorrect default permissions for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications ...

Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of ...

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a bug in `download` skill installation allowed `targetDir` values from skill frontmatter to resolve outside the per-skill tools directo...

Incorrect default permissions for some Intel(R) Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversa...

PsySH is a runtime developer console, interactive debugger, and REPL for PHP. Prior to versions 0.11.23 and 0.12.19, PsySH automatically loads and executes a `.psysh.php` file from the Current Working...

A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform ...

Tanium addressed a local privilege escalation vulnerability in Tanium Module Server.

Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalati...

Incorrect permission assignment for critical resource for some System Firmware Update Utility (SysFwUpdt) for Intel(R) Server Boards and Intel(R) Server Systems Based before version 16.0.12. within Ri...

Incorrect default permissions for some Intel(R) Memory and Storage Tool before version 2.5.2 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an au...

Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through va...

Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.

A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow...

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13...

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.1 through 7.4.12, FortiWeb 7.2.7 through 7.2.12, FortiWeb 7.0.10 through 7....

Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. T...

A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input vali...

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS command injection vulnerability. A high privileged attacker...

Bluetooth ACPI Drivers provided by Dynabook Inc. contain a stack-based buffer overflow vulnerability. An attacker may execute arbitrary code by modifying certain registry values.

Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated u...

In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerabili...

A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnal...

FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, server names containing shell metacharacters (e.g., &) can cause command injection on Windows when passed to fa...

Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vu...