Export limit exceeded: 364529 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2902 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1349 | 2 Gnu, Oracle | 2 Gzip, Solaris | 2026-04-16 | N/A |
| gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. | ||||
| CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2026-04-16 | N/A |
| rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | ||||
| CVE-2026-29111 | 2 Systemd, Systemd Project | 2 Systemd, Systemd | 2026-04-15 | 5.5 Medium |
| systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available. | ||||
| CVE-2026-1750 | 2 Ecwid, Wordpress | 2 Ecwid By Lightspeed Ecommerce Shopping Cart, Wordpress | 2026-04-15 | 8.8 High |
| The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.0.7. This is due to a missing capability check in the 'save_custom_user_profile_fields' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to supply the 'ec_store_admin_access' parameter during a profile update and gain store manager access to the site. | ||||
| CVE-2026-0912 | 2 Toret, Wordpress | 2 Toret Manager, Wordpress | 2026-04-15 | 8.8 High |
| The Toret Manager plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'trman_save_option' function and on the 'trman_save_option_items' in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | ||||
| CVE-2026-1994 | 2 Clavaque, Wordpress | 2 S2member – Excellent For All Kinds Of Memberships, Content Restriction Paywalls & Member Access Subscriptions, Wordpress | 2026-04-15 | 9.8 Critical |
| The s2Member plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 260127. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. | ||||
| CVE-2026-2777 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-15 | 9.8 Critical |
| Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | ||||
| CVE-2026-29923 | 1 Entechtaiwan | 1 Powerstrip | 2026-04-15 | 7.8 High |
| The pstrip64.sys driver in EnTech Taiwan PowerStrip <=3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures. | ||||
| CVE-2026-0920 | 2 Choijun, Wordpress | 2 La-studio-element-kit-for-elementor, Wordpress | 2026-04-15 | 9.8 Critical |
| The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'lakit_bkrole' parameter during registration and gain administrator access to the site. | ||||
| CVE-2026-2144 | 2 Katsushi-kawamori, Wordpress | 2 Magic Login Mail Or Qr Code, Wordpress | 2026-04-15 | 8.1 High |
| The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.05. This is due to the plugin storing the magic login QR code image with a predictable, static filename (QR_Code.png) in the publicly accessible WordPress uploads directory during the email sending process. The file is only deleted after wp_mail() completes, creating an exploitable race condition window. This makes it possible for unauthenticated attackers to trigger a login link request for any user, including administrators, and then exploit the race condition between QR code file creation and deletion to obtain the login URL encoded in the QR code, thereby gaining unauthorized access to the targeted user's account. | ||||
| CVE-2026-2780 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-15 | 8.8 High |
| Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | ||||
| CVE-2026-2782 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-15 | 8.8 High |
| Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | ||||
| CVE-2026-34397 | 1 Himmelblau-idm | 1 Himmelblau | 2026-04-15 | 6.3 Medium |
| Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose mapped CN/short name exactly matches a privileged local group name (e.g., "sudo", "wheel", "docker", "adm") can cause the NSS module to resolve that group name to their fake primary group. If the system uses NSS results for group-based authorization decisions (sudo, polkit, etc.), this can grant the attacker the privileges of that group. This issue has been patched in versions 2.3.9 and 3.1.1. | ||||
| CVE-2026-2631 | 2 Datalogics Ecommerce Delivery, Wordpress | 2 Datalogics Ecommerce Delivery, Wordpress | 2026-04-15 | 9.8 Critical |
| The Datalogics Ecommerce Delivery WordPress plugin before 2.6.60 exposes an unauthenticated REST endpoint that allows any remote user to modify the option `datalogics_token` without verification. This token is subsequently used for authentication in a protected endpoint that allows users to perform arbitrary WordPress `update_option()` operations. Attackers can use this to enable registartion and to set the default role as Administrator. | ||||
| CVE-2024-29667 | 1 Tongtianxing Technology Co Ltd | 1 Cmsv6 | 2026-04-15 | 9.8 Critical |
| SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 through v.7.31.0.3 allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter. | ||||
| CVE-2025-9966 | 1 Novakon | 1 P Series | 2026-04-15 | N/A |
| Improper privilege management vulnerability in Novakon P series allows attackers to gain root privileges if one service is compromized.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9). | ||||
| CVE-2025-15030 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 9.8 Critical |
| The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account | ||||
| CVE-2023-33327 | 2 Teplitsa Of Social Technologies, Wordpress | 2 Leyka, Wordpress | 2026-04-15 | 8.8 High |
| Improper Privilege Management vulnerability in Teplitsa of social technologies Leyka allows Privilege Escalation.This issue affects Leyka: from n/a through 3.30.2. | ||||
| CVE-2025-36729 | 1 Racom | 1 M!dge | 2026-04-15 | 7.2 High |
| A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid. | ||||
| CVE-2024-4988 | 2026-04-15 | 7.5 High | ||
| The mobile application (com.transsion.videocallenhancer) interface has improper permission control, which can lead to the risk of private file leakage. | ||||