Search Results (9535 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2693 1 Hp 1 Hp-ux 2026-04-16 N/A
HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.
CVE-2004-2694 1 Microsoft 1 Outlook Express 2026-04-16 N/A
Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".
CVE-2002-2344 1 Ensim 1 Webppliance 2026-04-16 N/A
Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address.
CVE-2002-1111 1 Mantis 1 Mantis 2026-04-16 N/A
print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted.
CVE-2004-2718 1 Php Heaven 1 Phpmychat 2026-04-16 N/A
PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request.
CVE-2002-2353 1 Tftpd32 1 Tftpd32 2026-04-16 N/A
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests.
CVE-2004-2700 1 Aspdotnetstorefront 1 Aspdotnetstorefront 2026-04-16 N/A
Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx.
CVE-2002-2407 1 Qnx 1 Rtos 2026-04-16 N/A
Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS Update Patch A, (2) /bin/shutdown, (3) /sbin/fs-pkg, and (4) phshutdown by QNX experimental patches, (5) cpim, (6) vpim, (7) phrelaycfg, and (8) columns, (9) othello, (10) peg, (11) solitaire, and (12) vpoker in the games pack 2.0.3, which allows local users to gain privileges by modifying the files before permissions are changed.
CVE-2004-2699 1 Aspdotnetstorefront 1 Aspdotnetstorefront 2026-04-16 N/A
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter.
CVE-2002-2311 2 Microsoft, Opera Software 2 Internet Explorer, Opera Web Browser 2026-04-16 N/A
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue.
CVE-2005-1425 1 Uapplication 1 Uguestbook 2026-04-16 N/A
Uapplication Uguestbook 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/guestbook.mdb.
CVE-2005-0970 1 Apple 1 Mac Os X 2026-04-16 N/A
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.
CVE-2026-29111 2 Systemd, Systemd Project 2 Systemd, Systemd 2026-04-15 5.5 Medium
systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.
CVE-2026-3121 2 Keycloak, Redhat 8 Keycloak, Build Keycloak, Build Of Keycloak and 5 more 2026-04-15 6.5 Medium
A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other administrative functions within the realm. This privilege escalation can occur when admin permissions are enabled at the realm level.
CVE-2026-1750 2 Ecwid, Wordpress 2 Ecwid By Lightspeed Ecommerce Shopping Cart, Wordpress 2026-04-15 8.8 High
The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.0.7. This is due to a missing capability check in the 'save_custom_user_profile_fields' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to supply the 'ec_store_admin_access' parameter during a profile update and gain store manager access to the site.
CVE-2026-0912 2 Toret, Wordpress 2 Toret Manager, Wordpress 2026-04-15 8.8 High
The Toret Manager plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'trman_save_option' function and on the 'trman_save_option_items' in all versions up to, and including, 1.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
CVE-2026-1994 2 Clavaque, Wordpress 2 S2member – Excellent For All Kinds Of Memberships, Content Restriction Paywalls & Member Access Subscriptions, Wordpress 2026-04-15 9.8 Critical
The s2Member plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 260127. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
CVE-2026-2777 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 9.8 Critical
Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-29923 1 Entechtaiwan 1 Powerstrip 2026-04-15 7.8 High
The pstrip64.sys driver in EnTech Taiwan PowerStrip <=3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures.
CVE-2026-0920 2 Choijun, Wordpress 2 La-studio-element-kit-for-elementor, Wordpress 2026-04-15 9.8 Critical
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'lakit_bkrole' parameter during registration and gain administrator access to the site.