Lucene search
+L

62 matches found

RedhatCVE
RedhatCVE
added 2025/10/01 12:42 a.m.10 views

CVE-2025-56513

NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are automatically executed,...

9.8CVSS6.2AI score0.00418EPSS
Exploits2References1
OSV
OSV
added 2025/09/30 6:15 p.m.4 views

CVE-2025-56513

NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are automatically executed,...

9.8CVSS6.3AI score0.00418EPSS
Exploits2References2
Cvelist
Cvelist
added 2024/08/21 1:54 a.m.26 views

CVE-2024-38305

Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation vulnerability in the installer. A local low-privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executables on the operating system with...

7.3CVSS0.00322EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/21 1:54 a.m.14 views

CVE-2024-38305

Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation vulnerability in the installer. A local low-privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executables on the operating system with...

7.3CVSS7.1AI score0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.8 views

Dell Repository Manager 安全漏洞

Dell Repository Manager is a data repository manager from Dell USA. A security vulnerability exists in Dell Repository Manager 3.4.2 and earlier versions, which stems from a local elevation of privilege vulnerability that allows a local, low-privilege attacker to execute arbitrary executable file...

7.8CVSS7.1AI score0.00132EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.9 views

Dell SupportAssist for Home PCs 代码问题漏洞

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA. The program provides automated, proactive and predictive techniques for troubleshooting and more. A code issue vulnerability exists in Dell SupportAssist for Home PCs version 4.0.3, which stems from the...

7.3CVSS7.5AI score0.00322EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.5 views

PT-2024-27934 · Dell · Dell Supportassist

Name of the Vulnerable Software and Affected Versions: Dell SupportAssist for Home PCs Installer exe version 4.0.3 Description: A local low-privileged authenticated attacker could potentially exploit a privilege escalation vulnerability in the installer, leading to the execution of arbitrary...

7.3CVSS7.2AI score0.00322EPSS
Exploits0References9
OSV
OSV
added 2024/02/21 11:15 a.m.10 views

CVE-2023-7235

The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an attacker to replace binaries to run arbitrary executables...

8.4CVSS5.9AI score0.00214EPSS
Exploits0References1
Prion
Prion
added 2024/02/21 11:15 a.m.27 views

Design/Logic Flaw

The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an attacker to replace binaries to run arbitrary executables...

7.2AI score0.00214EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/21 10:55 a.m.16 views

CVE-2023-7235

The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an attacker to replace binaries to run arbitrary executables...

6.8AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/21 10:55 a.m.22 views

CVE-2023-7235

The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an attacker to replace binaries to run arbitrary executables...

6.8AI score0.00214EPSS
Exploits0References1
CVE
CVE
added 2024/02/21 10:55 a.m.4738 views

CVE-2023-7235

CVE-2023-7235 concerns the OpenVPN GUI installer prior to version 2.6.9, where the installation directory of OpenVPN binaries did not have proper access control when using a non-standard path. This weakness could allow an attacker to replace binaries and execute arbitrary code. The initial CVE en...

8.4CVSS6.8AI score0.00214EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/12/22 12:0 a.m.6 views

Dell SupportAssist for Home PCs Code Issue Vulnerability

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA. The program provides automated, proactive and predictive techniques for troubleshooting and more. A security vulnerability exists in Dell SupportAssist for Home PCs version 3.14.1 and prior versions, which...

7.8CVSS7.5AI score0.00235EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/16 12:0 a.m.6 views

PT-2023-7872 · Unknown · Itpison Omicard Edm

Name of the Vulnerable Software and Affected Versions: ITPison OMICARD EDM affected versions not specified Description: The file uploading function in ITPison OMICARD EDM does not restrict the upload of files with dangerous types. An unauthenticated remote attacker can exploit this issue to uploa...

9.8CVSS9.7AI score0.00961EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/06/16 12:0 a.m.10 views

PT-2023-24001 · L7 Networks · L7 Networks Instantqos Iq-8000 +1

Name of the Vulnerable Software and Affected Versions: L7 Networks InstantScan IS-8000 & InstantQoS IQ-8000 affected versions not specified Description: The file uploading function in the affected devices does not properly restrict the upload of files with dangerous types. This allows an...

9.8CVSS9.6AI score0.00942EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/02 12:0 a.m.10 views

ITPison OMICARD EDM 代码问题漏洞

ITPison OMICARD EDM is a high-speed newsletter EDM marketing and distribution system from the Chinese company ITPison. ITPison OMICARD EDM suffers from a code issue vulnerability that originates from an unrestricted dangerous type file upload vulnerability, which can be exploited by an attacker...

6.8CVSS7.1AI score0.00328EPSS
Exploits0References2
OSV
OSV
added 2023/03/27 4:15 a.m.4 views

CVE-2023-25909

HGiga OAKlouds file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary command or disrupt service...

9.8CVSS7.4AI score0.00942EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.5 views

Cloudflare WARP 输入验证错误漏洞

Cloudflare WARP Cloudflare Vpn is a client-side application for secure connections from Cloudflare, Inc. A security vulnerability in Cloudflare WARP, which stems from a lack of proper validation of the supporturi parameter in its client-side local settings file mdm.xml, allows an attacker to...

8.9CVSS7.8AI score0.00695EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/04/22 12:0 a.m.6 views

CVE-2022-22392

IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066...

7.8CVSS7.1AI score0.01944EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/12/13 4:15 a.m.12 views

CVE-2021-44153

An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run arbitrary executables, as demonstrated by an ISV demo "C:\Windows\System32\calc.exe" entry. An attacker can exploit this to run a malicious binary on startup, or...

9CVSS0.02005EPSS
Exploits3References2
Rows per page
Query Builder