
17 matches found

RedhatCVE
added 2026/01/09 11:24 a.m., 2 views

CVE-2021-31154

pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack...

7.8 CVSS, 6.9 AI score, 0.00042 EPSS
Exploits 1, References 1
RedhatCVE
added 2025/02/05 12:26 a.m., 5 views

CVE-2024-31154

Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access...

8.7 CVSS, 7.1 AI score, 0.00044 EPSS
Exploits 0, References 1
F5 Networks
added 2024/11/19 12:37 a.m., 29 views

K000148582: Intel Server Board vulnerabilities CVE-2024-31154, CVE-2024-31158, CVE-2024-39609, CVE-2024-40885, and CVE-2024-41167

Security Advisory Description. CVE-2024-31154: Improper input validation in UEFI firmware for some Intel(R) Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-31158: Improper input validation in UEFI firmware in some Intel(R) Server Boar...

8.7 CVSS, 6.9 AI score, 0.00106 EPSS
Exploits 0
CVE
added 2024/11/13 9:10 p.m., 57 views

CVE-2024-31154

CVE-2024-31154 affects Intel Server Board S2600BPBR UEFI firmware (and related S2600BP family). It stems from improper input validation in the UEFI, which could allow a privileged local attacker to escalate privileges. Intel’s advisory (Intel-SA-01175) confirms the broader family impact and recom...

8.7 CVSS, 7.7 AI score, 0.00044 EPSS
Exploits 0, References 1
Tenable Nessus
added 2023/06/05 12:0 a.m., 14 views

Schweitzer Engineering Laboratories RTAC Cross-site Scripting (CVE-2023-31154)

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

5.4 CVSS, 5.8 AI score, 0.00197 EPSS
Exploits 0, References 3
Circl
added 2023/05/11 12:14 a.m., 0 views

CVE-2023-31154

creationtimestamp | type | source
---|---|---
2023-05-11 00:14:56+00:00 | seen | https://t.me/cibsecurity/63843...

5.4 CVSS, 5.5 AI score, 0.00197 EPSS
Exploits 0, References 1
CVE
added 2023/05/10 7:22 p.m., 41 views

CVE-2023-31154

CVE-2023-31154 affects Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface. The issue is an Improper Neutralization of Input During Web Page Generation (XSS) that could allow a remote authenticated attacker to inject and execute arbitrary script code. Refe...

5.4 CVSS, 5.3 AI score, 0.00197 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2023/05/10 7:22 p.m., 14 views

CVE-2023-31154 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

4.3 CVSS, 5.9 AI score, 0.00197 EPSS
Exploits 0, References 2
Vulnrichment
added 2023/05/10 7:22 p.m., 6 views

CVE-2023-31154 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

4.3 CVSS, 5.8 AI score, 0.00197 EPSS
Exploits 0, References 2
SUSE CVE
added 2023/02/15 3:41 a.m., 1 view

SUSE CVE-2021-31154

pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack...

7.8 CVSS, 7.5 AI score, 0.00042 EPSS
Exploits 1, References 3
Circl
added 2022/08/01 10:17 p.m., 2 views

CVE-2022-31154

creationtimestamp | type | source
---|---|---
2022-08-01 22:17:05+00:00 | seen | https://t.me/cibsecurity/47369
2025-04-23 18:05:47+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/13105...

6.4 CVSS, 5.8 AI score, 0.00143 EPSS
Exploits 0, References 2
Cvelist
added 2022/08/01 6:40 p.m., 10 views

CVE-2022-31154 Indirect Object Access in Sourcegraph Code Monitoring

Sourcegraph is an open source code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by any other Sourcegraph user. This includes being able to edit both the trigger and the action of the monitor in question. An attacker is not able ...

6.4 CVSS, 6.5 AI score, 0.00143 EPSS
Exploits 0, References 2
OSV
added 2021/05/27 1:15 p.m., 5 views

CVE-2021-31154

pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack...

7.8 CVSS, 7.6 AI score
Exploits 0, References 2
OSV
added 2021/05/27 1:15 p.m., 1 view

DEBIAN-CVE-2021-31154

pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack...

7.8 CVSS, 7.4 AI score, 0.00042 EPSS
Exploits 1, References 1
NVD
added 2021/05/27 1:15 p.m., 6 views

CVE-2021-31154

pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack...

7.8 CVSS, 0.00042 EPSS
Exploits 1, References 2
CVE
added 2021/05/27 12:10 p.m., 71 views

CVE-2021-31154

CVE-2021-31154 affects pleaser before 0.4.0. The issue arises from using predictable temporary filenames in /tmp and the target directory, enabling a local attacker to stage a symlink attack and gain full root privileges. Exploitation details are not provided in the connected documents beyond the...

7.8 CVSS, 7.5 AI score, 0.00042 EPSS
Exploits 1, References 2, Affected Software 1
UbuntuCve
added 2021/05/05 12:0 a.m., 18 views

CVE-2021-31154

pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack...

7.8 CVSS, 7.1 AI score, 0.00042 EPSS
Exploits 1, References 2