Lucene search
+L

818 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.10 views

CVE-2026-0413 Buffer overflow vulnerability in certain NETGEAR Nighthawk routers

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References15
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.36 views

CVE-2026-0413 Buffer overflow vulnerability in certain NETGEAR Nighthawk routers

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS0.00323EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.11 views

CVE-2026-0417 Insufficient input validation in certain NETGEAR routers

Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity...

6.8CVSS5.4AI score0.00229EPSS
Exploits0References28
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.32 views

CVE-2026-0416 Improper input validation in certain NETGEAR routers allows unauthorized modification of protected router functionality

An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...

6.8CVSS0.0018EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

NETGEAR Routers 输入验证错误漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a vulnerability related to input validation. This vulnerability stems from insufficient input validation, which may allow administrators who are connected to the local network and hav...

6.8CVSS5.3AI score0.00229EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/09 12:0 a.m.8 views

Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system...

7.8CVSS6.2AI score0.25323EPSS
In wildExploits2
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.13 views

CVE-2026-7310

A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted XML file which may lead to memory corruption and potential arbitrary code execution. Successful...

4.4CVSS6.2AI score0.00103EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.18 views

CVE-2026-7279

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

8.5CVSS6.2AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.11 views

CVE-2026-9789

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS5.6AI score0.00152EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.11 views

CVE-2026-8069

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrar...

8.5CVSS6AI score0.00118EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 10:33 p.m.216 views

CVE-2026-20245

Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) is affected by CVE-2026-20245. The vulnerability arises from insufficient validation of user-supplied input in the CLI, enabling an authenticated, local attacker to upload a crafted file and perform command injection, potentially elevating p...

7.8CVSS6.3AI score0.25323EPSS
In wildExploits2References3Affected Software2
Cisco
Cisco
added 2026/06/04 10:27 p.m.111 views

Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplyi...

7.8CVSS7.2AI score0.25323EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Cisco Catalyst SD-WAN Manager 安全漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is a security vulnerability present in Cisco Catalyst SD-WAN Manager, which stems from insufficient user...

7.8CVSS6.3AI score0.25323EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.17 views

Cisco Application Policy Infrastructure Controller DoS (cisco-sa-apic-dos-rNus8EFw)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a vulnerability. - A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, local attacker to cause an affect...

5.5CVSS5.6AI score0.00087EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/28 2:39 a.m.14 views

EUVD-2026-32700

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS5.9AI score0.00152EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 2:39 a.m.13 views

CVE-2026-9789

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS5.9AI score0.00152EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.12 views

CVE-2026-9489

NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with ...

8.5CVSS6.3AI score0.0012EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 11:43 a.m.36 views

CVE-2026-7310

CVE-2026-7310: A heap-based buffer overflow exists in the XML parser functionality of HiDraw. An authenticated attacker with local access can trigger this via a specially crafted XML file, potentially causing memory corruption and arbitrary code execution. Reported impacts include application cra...

4.4CVSS6.2AI score0.00103EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/25 7:25 a.m.16 views

EUVD-2026-31648

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message message type 0x03 to the pipe, causing the service ...

6.8CVSS5.8AI score0.00173EPSS
Exploits1References1
NVD
NVD
added 2026/05/25 2:16 a.m.15 views

CVE-2026-9489

NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with ...

8.5CVSS0.0012EPSS
Exploits0References1
Rows per page
Query Builder