Lucene search
K

404 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/10 8:18 p.m.5 views

CVE-2026-1495

The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...

6.5CVSS5.5AI score0.00112EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/10 8:18 p.m.6 views

CVE-2026-1495 Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent

The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...

6.5CVSS5.5AI score0.00112EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 8:18 p.m.16 views

CVE-2026-1495

CVE-2026-1495 concerns an information-insertion vulnerability in AVEVA PI to CONNECT Agent. The CVE describes that an attacker with Event Log Reader privileges (S-1-5-32-573) can access proxy details, including the proxy URL and credentials, from the PI to CONNECT event log files. This could enab...

6.5CVSS5.5AI score0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 8:18 p.m.29 views

CVE-2026-1495 Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent

The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...

6.5CVSS0.00112EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.8 views

AVEVA PI to CONNECT Agent 日志信息泄露漏洞

AVEVA PI to CONNECT Agent is a data transfer component developed by the British company AVEVA. AVEVA PI to CONNECT Agent has a vulnerability related to log information leakage. This vulnerability arises from attackers who have access to event log reading capabilities, allowing them to obtain...

6.5CVSS5.8AI score0.00112EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.15 views

PT-2026-7470

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A security issue exists where an attacker with Event Log Reader S-1-5-32-573 privileges may be able to obtain proxy details, including the URL and proxy credentials, from PI to CONNECT event log file...

6.5CVSS5.4AI score0.00112EPSS
Exploits0References4
NVD
NVD
added 2026/01/21 6:16 p.m.8 views

CVE-2021-47861

Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...

8.5CVSS0.00127EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/21 5:27 p.m.5 views

EUVD-2026-3635

Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...

8.5CVSS5.9AI score0.00127EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/01/21 5:27 p.m.5 views

CVE-2021-47861

Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...

8.5CVSS5.9AI score0.00127EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/01/21 5:27 p.m.18 views

CVE-2021-47861 Event Log Explorer 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path

Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...

8.5CVSS0.00127EPSS
Exploits0References3
CVE
CVE
added 2026/01/21 5:27 p.m.10 views

CVE-2021-47861

CVE-2021-47861 : Event Log Explorer 4.9.3 is affected by an unquoted service path that enables local users to potentially execute arbitrary code with elevated (LocalSystem) privileges during service startup via mislocated executables. Under the documented exploit path, attackers place a malicious...

8.5CVSS5.9AI score0.00127EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/21 5:27 p.m.2 views

CVE-2021-47861 Event Log Explorer 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path

Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...

8.5CVSS5.9AI score0.00127EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.6 views

FSPro Labs Event Log Explorer code-related vulnerabilities

FSPro Labs Event Log Explorer is a log analysis tool developed by FSPro Labs. Version 4.9.3 of FSPro Labs Event Log Explorer contains a code vulnerability caused by an unquoted service path. This vulnerability could allow local users to execute arbitrary code and gain system privileges...

8.5CVSS6.2AI score0.00127EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.12 views

PT-2026-3813

Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...

8.5CVSS5.9AI score0.00127EPSS
Exploits0References4
Circl
Circl
added 2026/01/20 8:1 p.m.5 views

CVE-2025-48106

creationtimestamp| type| source ---|---|--- 2026-01-20 20:01:05+00:00| seen| Telegram/2h9kLqrsex2tcWpWJqm-roNL4IgbxPNBh636PPsjj82mNAo...

10CVSS4.8AI score0.00565EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/14 12:0 a.m.10 views

WMI Event Subscription Event Log Persistence

This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that will query the event log for an EVENTIDTRIGGER default: failed logon request id 4625 that also contains a specified USERNAMETRIGGER note: failed logon auditing must be...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.6 views

CVE-2021-22538

A privilege escalation vulnerability impacting the Google Exposure Notification Verification Server versions prior to 0.23.1, allows an attacker who 1 has UserWrite permissions and 2 is using a carefully crafted request or malicious proxy, to create another user with higher privileges than their...

8.8CVSS7AI score0.00718EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.10 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992796)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992796 advisory. In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/13 1:0 a.m.13 views

CVE-2025-31645

Uncontrolled search path for some System Event Log Viewer Utility software for all versions within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege...

6.7CVSS6.5AI score0.00107EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990850)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990850 advisory. In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References3
Rows per page
Query Builder