Lucene search
K

812 matches found

Cvelist
Cvelist
added 2026/05/12 4:34 p.m.35 views

CVE-2026-20738

Untrusted pointer dereference for some IntelR QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of...

8.5CVSS0.00112EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/11 11:0 a.m.15 views

nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files

A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...

8.5CVSS7.7AI score0.00918EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 7:16 a.m.33 views

CVE-2026-8069

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrar...

8.5CVSS0.00118EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 5:57 a.m.11 views

CVE-2026-8069 PredatorSense V3: Local Privilege Escalation (LPE) vulnerability

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrar...

8.5CVSS6.3AI score0.00118EPSS
Exploits0References1
CVE
CVE
added 2026/05/08 5:57 a.m.25 views

CVE-2026-8069

PredatorSense v3.00.3136–v3.00.3196 contains a Local Privilege Escalation (LPE) vulnerability. A misconfigured Windows Named Pipe with a custom protocol allows any authenticated local user to execute arbitrary code with NT AUTHORITY\SYSTEM privileges and to delete arbitrary files with SYSTEM priv...

8.5CVSS6.3AI score0.00118EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 5:57 a.m.9 views

CVE-2026-8069

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrar...

8.5CVSS6.3AI score0.00118EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.11 views

Acer PredatorSense 路径遍历漏洞

Acer PredatorSense is a system management software developed by Acer, a company based in Taiwan, China. Versions 3.00.3136 to 3.00.3196 of Acer PredatorSense contain a path traversal vulnerability. This vulnerability stems from an exposed Windows named pipe configuration error in the program. It...

8.5CVSS6.3AI score0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 3:45 p.m.38 views

CVE-2026-41288 WatchGuard Agent on Windows Privilege Escalation Vulnerability

Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITY\SYSTEM...

7.3CVSS0.00103EPSS
Exploits0References1
CVE
CVE
added 2026/04/28 9:39 a.m.19 views

CVE-2026-7279

AVACAST by eMPIA Technology is affected by a DLL hijacking vulnerability that can be exploited by authenticated local attackers to place a malicious DLL in a targeted directory, leading to arbitrary code execution with system privileges when the DLL is loaded. The reports describe the vulnerabili...

8.5CVSS6.2AI score0.00114EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/28 9:39 a.m.32 views

CVE-2026-7279 eMPIA Technology|AVACAST - DLL Hijacking

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

8.5CVSS0.00114EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/28 9:39 a.m.4 views

CVE-2026-7279 eMPIA Technology|AVACAST - DLL Hijacking

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

8.5CVSS6.2AI score0.00114EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/28 9:39 a.m.7 views

EUVD-2026-26028

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

8.5CVSS6.2AI score0.00114EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/16 1:53 a.m.4 views

CVE-2026-6348

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the environment where the agent is installed...

9.3CVSS6.2AI score0.0018EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/16 1:53 a.m.19 views

CVE-2026-6348

WinMatrix agent by Simopro Technology is affected by a Missing Authentication vulnerability. The CVE-2026-6348 issue allows authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine and on all hosts in the environment where the agent is installed. Credent...

9.3CVSS6.2AI score0.0018EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/15 4:11 p.m.4 views

CVE-2026-20136

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS5.8AI score0.00499EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/15 12:28 p.m.5 views

CVE-2026-4145

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges...

8.5CVSS6.3AI score0.00196EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.11 views

Lenovo Diagnostics 安全漏洞

Lenovo Diagnostics is a tool developed by Lenovo Corporation for scanning and diagnosing hardware faults on Lenovo computers. This tool helps users scan their computers, identify issues with the system, and repair them. Lenovo Diagnostics can also assist users in resolving various computer proble...

7.1CVSS6.1AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 12:30 a.m.11 views

EUVD-2026-21080

A UNIX Symbolic Link Symlink Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file lin...

7.3CVSS5.9AI score0.00129EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/08 3:38 a.m.15 views

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

7.8CVSS6.7AI score0.0017EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2026/04/06 7:22 p.m.7 views

K000160637: Intel 800 Series Ethernet vulnerability CVE-2025-24303

Security Advisory Description Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some IntelR 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2025-24303 Impact This...

8.8CVSS5.9AI score0.00128EPSS
Exploits0Affected Software2
Rows per page
Query Builder