Логотип exploitDog
source:"nvd"
Консоль
Логотип exploitDog

exploitDog

source:"nvd"

Количество 331 703

Количество 331 703

nvd логотип

CVE-2026-20982

6 дней назад

Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.

CVSS3: 6
EPSS: Низкий
nvd логотип

CVE-2026-20981

6 дней назад

Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.

CVSS3: 6.6
EPSS: Низкий
nvd логотип

CVE-2026-20980

6 дней назад

Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to execute arbitrary commands.

CVSS3: 6.8
EPSS: Низкий
nvd логотип

CVE-2026-20979

6 дней назад

Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.

CVSS3: 7.8
EPSS: Низкий
nvd логотип

CVE-2026-20978

6 дней назад

Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.

CVSS3: 6.1
EPSS: Низкий
nvd логотип

CVE-2026-20977

6 дней назад

Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning.

CVSS3: 5.5
EPSS: Низкий
nvd логотип

CVE-2026-20976

около 1 месяца назад

Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script.

CVSS3: 7.8
EPSS: Низкий
nvd логотип

CVE-2026-20975

около 1 месяца назад

Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path.

CVSS3: 5.5
EPSS: Низкий
nvd логотип

CVE-2026-20974

около 1 месяца назад

Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock.

CVSS3: 4.6
EPSS: Низкий
nvd логотип

CVE-2026-20973

около 1 месяца назад

Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory.

CVSS3: 5.3
EPSS: Низкий
nvd логотип

CVE-2026-20972

около 1 месяца назад

Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB.

CVSS3: 3.3
EPSS: Низкий
nvd логотип

CVE-2026-20971

около 1 месяца назад

Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.

CVSS3: 7.8
EPSS: Низкий
nvd логотип

CVE-2026-20970

около 1 месяца назад

Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs.

CVSS3: 7.8
EPSS: Низкий
nvd логотип

CVE-2026-20969

около 1 месяца назад

Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.

CVSS3: 5.5
EPSS: Низкий
nvd логотип

CVE-2026-20968

около 1 месяца назад

Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.

CVSS3: 6.7
EPSS: Низкий
nvd логотип

CVE-2026-20965

28 дней назад

Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVSS3: 7.5
EPSS: Низкий
nvd логотип

CVE-2026-20963

28 дней назад

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS3: 8.8
EPSS: Низкий
nvd логотип

CVE-2026-20962

28 дней назад

Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.

CVSS3: 4.4
EPSS: Низкий
nvd логотип

CVE-2026-20960

25 дней назад

Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.

CVSS3: 8
EPSS: Низкий
nvd логотип

CVE-2026-20959

28 дней назад

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVSS3: 4.6
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2026-20982

Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.

CVSS3: 6
0%
Низкий
6 дней назад
nvd логотип
CVE-2026-20981

Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.

CVSS3: 6.6
0%
Низкий
6 дней назад
nvd логотип
CVE-2026-20980

Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to execute arbitrary commands.

CVSS3: 6.8
0%
Низкий
6 дней назад
nvd логотип
CVE-2026-20979

Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.

CVSS3: 7.8
0%
Низкий
6 дней назад
nvd логотип
CVE-2026-20978

Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.

CVSS3: 6.1
0%
Низкий
6 дней назад
nvd логотип
CVE-2026-20977

Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning.

CVSS3: 5.5
0%
Низкий
6 дней назад
nvd логотип
CVE-2026-20976

Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script.

CVSS3: 7.8
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20975

Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path.

CVSS3: 5.5
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20974

Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock.

CVSS3: 4.6
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20973

Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory.

CVSS3: 5.3
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20972

Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB.

CVSS3: 3.3
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20971

Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.

CVSS3: 7.8
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20970

Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs.

CVSS3: 7.8
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20969

Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.

CVSS3: 5.5
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20968

Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.

CVSS3: 6.7
0%
Низкий
около 1 месяца назад
nvd логотип
CVE-2026-20965

Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVSS3: 7.5
0%
Низкий
28 дней назад
nvd логотип
CVE-2026-20963

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS3: 8.8
1%
Низкий
28 дней назад
nvd логотип
CVE-2026-20962

Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.

CVSS3: 4.4
0%
Низкий
28 дней назад
nvd логотип
CVE-2026-20960

Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.

CVSS3: 8
0%
Низкий
25 дней назад
nvd логотип
CVE-2026-20959

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVSS3: 4.6
0%
Низкий
28 дней назад

Уязвимостей на страницу