Vulnérabilités
Aggrégat CVE / GHSA / KEV / OSV — filtrage par étiquette et catégorie.
| ID | Titre | |
|---|---|---|
| CVE-2026-50656 |
|
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in...
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in...
|
| CVE-2025-31272 |
|
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app...
|
| CVE-2026-45207 |
|
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
|
| CVE-2026-34930 |
|
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
|
| CVE-2026-34929 |
|
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
|
| CVE-2026-34928 |
|
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
|
| CVE-2026-27648 |
|
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
|
| CVE-2026-25781 |
|
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered.
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered.
|
| CVE-2026-24792 |
|
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
|
| CVE-2026-41702 |
|
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
|
| CVE-2024-51092 |
|
Injection de commande OS dans command-injection (CVE-2024-51092)
injection de commande OS dans command-injection (CVE-2024-51092). Des informations confidentielles peuvent être exposées. Exploitable via ``version_netsnmp``.
|
| CVE-2026-43944 |
|
Vulnérabilité dans electerm (CVE-2026-43944)
vulnérabilité dans electerm (CVE-2026-43944). L'exploitation peut entraîner la prise de contrôle totale du système. Exploitable via ``opts``. Atténuation : mise à jour vers `> 3.8.8` ou plus.
|
| CVE-2026-6973 KEV |
|
[KEV] Vulnérabilité dans Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnérabilité dans Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risque d'opérations non autorisées ou de divulgation. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2026-43208 |
|
Vulnérabilité dans linux (CVE-2026-43208)
vulnérabilité dans linux (CVE-2026-43208). L'exploitation peut entraîner la prise de contrôle totale du système.
|
| CVE-2026-43205 |
|
In the Linux kernel, the following vulnerability has been resolved:
dpaa2-switch: validate...
In the Linux kernel, the following vulnerability has been resolved:
dpaa2-switch: validate...
|
| CVE-2026-43196 |
|
In the Linux kernel, the following vulnerability has been resolved:
soc: ti: pruss: Fix double...
In the Linux kernel, the following vulnerability has been resolved:
soc: ti: pruss: Fix double...
|
| CVE-2026-43198 |
|
Vulnérabilité dans linux (CVE-2026-43198)
vulnérabilité dans linux (CVE-2026-43198). L'exploitation peut entraîner la prise de contrôle totale du système.
|
| CVE-2026-43197 |
|
Vulnérabilité dans linux (CVE-2026-43197)
vulnérabilité dans linux (CVE-2026-43197). Des informations confidentielles peuvent être exposées.
|
| CVE-2026-43186 |
|
Vulnérabilité dans c (CVE-2026-43186)
vulnérabilité dans c (CVE-2026-43186). L'exploitation peut entraîner la prise de contrôle totale du système.
|
| CVE-2026-43185 |
|
Vulnérabilité dans linux (CVE-2026-43185)
vulnérabilité dans linux (CVE-2026-43185). L'exploitation peut entraîner la prise de contrôle totale du système.
|
| CVE-2026-43125 |
|
Écriture hors limites dans linux (CVE-2026-43125)
écriture hors limites dans linux (CVE-2026-43125). L'exploitation peut entraîner la prise de contrôle totale du système.
|
| CVE-2026-43117 |
|
Vulnérabilité dans linux (CVE-2026-43117)
vulnérabilité dans linux (CVE-2026-43117). Des informations confidentielles peuvent être exposées.
|
| CVE-2026-43114 |
|
Vulnérabilité dans c (CVE-2026-43114)
vulnérabilité dans c (CVE-2026-43114). Des informations confidentielles peuvent être exposées.
|
| CVE-2026-43083 |
|
Vulnérabilité dans linux (CVE-2026-43083)
vulnérabilité dans linux (CVE-2026-43083). Des informations confidentielles peuvent être exposées.
|
| CVE-2026-0300 KEV |
|
[KEV] Écriture hors limites dans Palo alto networks palo-alto-networks (CVE-2026-0300)
écriture hors limites dans Palo alto networks palo-alto-networks (CVE-2026-0300). Risque d'opérations non autorisées ou de divulgation. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2026-43067 |
|
Vulnérabilité dans linux (CVE-2026-43067)
vulnérabilité dans linux (CVE-2026-43067). L'exploitation peut entraîner la prise de contrôle totale du système.
|
| CVE-2026-43038 |
|
Vulnérabilité dans linux (CVE-2026-43038)
vulnérabilité dans linux (CVE-2026-43038). L'exploitation peut entraîner la prise de contrôle totale du système.
|
| CVE-2026-31780 |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: wilc1000: fix u8...
In the Linux kernel, the following vulnerability has been resolved:
wifi: wilc1000: fix u8...
|
| CVE-2026-31773 |
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: SMP: derive legacy responder STK authentication from MITM state
The legacy responder path in smp_random() currently lab...
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: SMP: derive legacy responder STK authentication from MITM state
The legacy responder path in smp_random() currently labels the stored
STK as authenticated whenever pending_sec_level is BT_SECURITY_HIGH.
That reflects wh...
|
| CVE-2026-31772 |
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_sync: fix...
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_sync: fix...
|
| CVE-2026-31431 KEV |
|
[KEV] Vulnérabilité dans Linux redhat (CVE-2026-31431)
vulnérabilité dans Linux redhat (CVE-2026-31431). L'exploitation peut entraîner la prise de contrôle totale du système. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2026-6849 |
|
Improper neutralization of special elements used in an OS command ('OS command injection')...
Improper neutralization of special elements used in an OS command ('OS command injection')...
|
| CVE-2026-5141 |
|
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment...
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment...
|
| CVE-2026-5140 |
|
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM...
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM...
|
| CVE-2025-29635 KEV |
|
[KEV] Injection de commande dans D-link dir-823x (CVE-2025-29635)
injection de commande dans D-link dir-823x (CVE-2025-29635). Risque d'opérations non autorisées ou de divulgation. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2026-39987 KEV |
|
[KEV] Vulnérabilité dans Marimo remote-attack (CVE-2026-39987)
vulnérabilité dans Marimo remote-attack (CVE-2026-39987). Risque d'opérations non autorisées ou de divulgation. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2026-33825 KEV |
|
[KEV] Vulnérabilité dans Microsoft defender (CVE-2026-33825)
vulnérabilité dans Microsoft defender (CVE-2026-33825). Risque d'opérations non autorisées ou de divulgation. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2026-34197 KEV |
|
[KEV] Vulnérabilité dans Apache activemq (CVE-2026-34197)
vulnérabilité dans Apache activemq (CVE-2026-34197). Risque d'opérations non autorisées ou de divulgation. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2023-36424 KEV |
|
[KEV] Lecture hors limites dans Microsoft windows (CVE-2023-36424)
vulnérabilité dans Microsoft windows (CVE-2023-36424). Risque d'opérations non autorisées ou de divulgation. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2025-60710 KEV |
|
[KEV] Vulnérabilité dans Microsoft windows (CVE-2025-60710)
vulnérabilité dans Microsoft windows (CVE-2025-60710). Risque d'opérations non autorisées ou de divulgation. Inscrit au CISA KEV — exploitation active confirmée.
|
| CVE-2026-23862 |
|
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local...
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
|
| CVE-2026-23230 |
|
In the Linux kernel, the following vulnerability has been resolved:
smb: client: split...
In the Linux kernel, the following vulnerability has been resolved:
smb: client: split...
|
| CVE-2025-24170 |
|
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13...
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13...
|
| CVE-2022-46152 |
|
OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The funct...
OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function `cleanup_shm_refs()` is called by both `entry_invoke_command()` and `entry_open_session()`. The...
|
| CVE-2020-17103 |
|
, aka 'Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability'. This CVE ID...
, aka 'Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability'. This CVE ID...
|
| CVE-2015-8325 |
|
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows loca...
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demons...
|
| CVE-2015-6564 |
|
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in...
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in...
|