Lucene search
K

986 matches found

CVE
CVE
added 5 days ago17 views

CVE-2026-54424

CVE-2026-54424 affects Unity Parsec on Windows. The vulnerability is described as an Incorrect Use of Privileged APIs that can lead to Elevation of Privilege. Affected through Parsec for Windows v2026-05-04.0, with a patch in Windows version 150-104a. The issue allows an instance of parsecd.exe t...

8.4CVSS6AI score0.00245EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.7 views

PT-2026-53735

Name of the Vulnerable Software and Affected Versions Matrix42 Empirum versions prior to 25.5 Matrix42 Empirum versions 26.x prior to 26.2 Description The PBackupVSS.exe component creates a named pipe at '.pipePBackupVSS' with a Discretionary Access Control List DACL that grants GENERIC READ and...

7.8CVSS6.2AI score0.00125EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.33 views

CVE-2026-30040

A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 JP2 file...

0.00465EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 12:0 a.m.3 views

CVE-2026-37452

CVE-2026-37452 affects MSI Center’s MSI NBFoundation Service (MSIAPService.exe). The issue arises from insecure permissions on the IPC named pipe . low MSI_SERVICE_2, allowing unauthenticated clients to trigger surface commands that run under SYSTEM. The connected advisories describe an arbitrary...

7.5CVSS5.9AI score0.00398EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/19 2:16 p.m.8 views

EUVD-2020-31253

Realtek Audio Service 1.0.0.55 contains an unquoted service path vulnerability in RtkAudioService64.exe that allows local attackers to escalate privileges by injecting malicious code. Attackers can place executable files in the unquoted service path directory to execute arbitrary code with...

8.5CVSS6.2AI score0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 12:0 a.m.22 views

CVE-2026-36213

The vulnerability CVE-2026-36213 affects Microvirt MEmu Android Emulator (Windows) up to version 9.2.7.0, in the MemuService.exe component. The issue enables local privilege escalation because the MemuSVC service runs with SYSTEM-level privileges while its binary is writable by a local user, allo...

7.8CVSS5.3AI score0.00479EPSS
Exploits2References1
NVD
NVD
added 2026/06/03 8:16 p.m.17 views

CVE-2026-44609

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS0.00106EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 7:25 p.m.18 views

CVE-2026-44609

CVE-2026-44609 affects Acronis DeviceLock DLP for Windows prior to build 9.0.15051.93227. The vulnerability is an EXE hijacking issue that enables local privilege escalation. Exploitation details are not provided in the supplied documents beyond the affected product and build, and there is no inf...

7.3CVSS7.1AI score0.00106EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/03 7:25 p.m.10 views

CVE-2026-44609

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS7.1AI score0.00106EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 7:25 p.m.13 views

EUVD-2026-34171

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS5.8AI score0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.16 views

PT-2026-46063

Name of the Vulnerable Software and Affected Versions Acronis DeviceLock DLP Windows versions prior to 9.0.15051.93227 Description Local privilege escalation is possible due to an EXE hijacking issue. This occurs when an application searches for a required executable file in an insecure order,...

7.3CVSS7.1AI score0.00106EPSS
Exploits0References3
NVD
NVD
added 2026/06/01 3:16 p.m.18 views

CVE-2026-42251

Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...

8.7CVSS0.00356EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/26 1:52 a.m.20 views

SUSE CVE-2026-48831

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...

7.3CVSS5.8AI score0.00179EPSS
Exploits0References3
OSV
OSV
added 2026/05/25 12:3 p.m.13 views

MAL-2026-4350 Malicious code in clobprice.api (npm)

A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...

5.8AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-48831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handli...

7.3CVSS5.9AI score0.00179EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/24 8:52 p.m.13 views

CVE-2026-48831

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...

7.3CVSS5.8AI score0.00179EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.19 views

WineHQ Wine 安全漏洞

WineHQ Wine is an open-source compatibility layer software developed by WineHQ, capable of running Windows applications on Unix-like systems. There is a security vulnerability in WineHQ, which stems from a.desktop file registered as an EXE file MIME processor. This vulnerability may allow EXE fil...

7.3CVSS5.8AI score0.00179EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/05 12:15 p.m.61 views

CVE-2026-7832 IObit Advanced SystemCare Service ASC.exe symlink

A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in symlink following. Attacking locally is a requirement. This attack is characterized by high complexity. It is indicated that...

7.3CVSS0.00131EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.9 views

Constraint-Guided Multi-Agent Decompilation for Executable Binary Recovery

Decompilation -- recovering source code from compiled binaries -- is essential for security analysis, malware reverse engineering, and legacy software maintenance. However, existing decompilers produce code that often fails to compile or execute correctly, limiting their practical utility. We...

5.5AI score
Exploits0
OSV
OSV
added 2026/04/12 1:16 p.m.4 views

UBUNTU-CVE-2019-25695

R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...

8.6CVSS6.5AI score0.00191EPSS
Exploits0References5
Rows per page
Query Builder