Lucene search
K

182 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:36 a.m.11 views

CVE-2023-35140

The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70ABTO.5 could allow an authenticated local user with read-only access to modify system settings on a vulnerable device...

5.5CVSS6.7AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:49 p.m.4 views

CVE-2021-22015

The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance...

7.8CVSS7.1AI score0.01808EPSS
Exploits5References1
OSV
OSV
added 2025/05/13 9:16 p.m.1 views

DEBIAN-CVE-2025-20623

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Core™ processors 10th Generation may allow an authenticated user to potentially enable information disclosure via local access...

5.7CVSS6.5AI score0.00147EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/05/13 9:16 p.m.3 views

CVE-2025-20079

Uncontrolled search path for some IntelR Advisor software may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS5.8AI score0.00129EPSS
Exploits0References2
OSV
OSV
added 2025/05/13 9:16 p.m.1 views

UBUNTU-CVE-2025-24495

Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...

6.8CVSS6.7AI score0.00168EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/04/04 6:15 a.m.4 views

CVE-2025-2159

Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...

5.1CVSS5.3AI score0.0021EPSS
Exploits0References3
NVD
NVD
added 2025/04/04 6:15 a.m.12 views

CVE-2025-2159

Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...

5.1CVSS0.0021EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/02/13 12:56 a.m.2 views

SUSE CVE-2024-37020

Sequence of processor instructions leads to unexpected behavior in the IntelR DSA V1.0 for some IntelR XeonR Processors may allow an authenticated user to potentially enable denial of service via local access...

3.8CVSS6.3AI score0.00223EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.5 views

PT-2025-6660

Name of the Vulnerable Software and Affected Versions: IntelR Advisor versions prior to 2024.2 Description: The issue concerns an uncontrolled search path in some IntelR Advisor software, which may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS6.7AI score0.00187EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/06 3:22 a.m.11 views

CVE-2021-35028

A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands...

7.8CVSS7.8AI score0.00306EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/19 12:0 a.m.4 views

QVPN Device Client 代码问题漏洞

QNAP Systems QVPN Device Client is a client software from China Weilian Technology QNAP Systems that is used to manage connections to VPN servers running on QNAP devices. A code issue vulnerability exists in QVPN Device Client that stems from an insecure library loading vulnerability that allows ...

7.8CVSS6.9AI score0.00163EPSS
Exploits0References1
OSV
OSV
added 2024/11/13 9:15 p.m.4 views

CVE-2024-36294

Insecure inherited permissions for some IntelR DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/12 9:30 a.m.3 views

intel-microcode: Race conditions in some Intel(R) Processors

A flaw was found in intel-microcode. The hardware logic contains race conditions in some IntelR processors that may allow an authenticated user to enable partial information disclosure via local access...

2.8CVSS6.2AI score0.00176EPSS
Exploits0References6
OSV
OSV
added 2024/08/14 2:15 p.m.2 views

CVE-2024-39283

Incomplete filtering of special elements in IntelR TDX module software before version TDX1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00182EPSS
Exploits0References1
OSV
OSV
added 2024/08/14 2:15 p.m.5 views

CVE-2024-22184

Uncontrolled search path for some IntelR QuartusR Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.0015EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/06/24 11:34 p.m.5 views

SUSE CVE-2023-22656

Out-of-bounds read in IntelR Media SDK and some IntelR oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access...

3.9CVSS6.8AI score0.00275EPSS
Exploits0References13
OSV
OSV
added 2024/06/18 6:15 a.m.3 views

CVE-2024-37081

The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance...

7.8CVSS7.3AI score0.04989EPSS
Exploits3References1
OSV
OSV
added 2024/05/31 8:15 a.m.5 views

CVE-2024-5523

SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could allow an authenticated local user to send a specially crafted SQL query to the 'searchString' parameter and retrieve all information stored in the database...

8.8CVSS5.8AI score0.00374EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/31 7:32 a.m.13 views

CVE-2024-5523 SQL injection vulnerability in Astrotalks

SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could allow an authenticated local user to send a specially crafted SQL query to the 'searchString' parameter and retrieve all information stored in the database...

8.8CVSS8.6AI score0.00374EPSS
Exploits0References1
NVD
NVD
added 2024/05/22 11:15 p.m.37 views

CVE-2024-22026

A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance...

6.7CVSS7AI score0.01096EPSS
Exploits1References1
Rows per page
Query Builder