721 matches found

Prion
added 2019/04/15 8:29 p.m., 15 views

Privilege escalation

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...

7.2 CVSS, 7.7 AI score, 0.00422 EPSS
Exploits: 1, References: 1, Affected Software: 1
NVD
added 2019/04/09 8:30 p.m., 14 views

CVE-2019-7359

An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018,...

7.8 CVSS, 7.9 AI score, 0.01636 EPSS
Exploits: 0, References: 1
Prion
added 2019/04/09 8:30 p.m., 24 views

Heap overflow

An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018,...

6.8 CVSS, 7.8 AI score, 0.01636 EPSS
Exploits: 0, References: 1, Affected Software: 11
Prion
added 2019/04/02 4:29 p.m., 14 views

Privilege escalation

An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 Windows 64-bit Installer. An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevat...

7.2 CVSS, 7.8 AI score, 0.00319 EPSS
Exploits: 0, References: 1, Affected Software: 1
Prion
added 2019/04/02 4:29 p.m., 13 views

Privilege escalation

An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system service on boot by default to exploit this vulnerability and execute arbitrary code with system...

7.2 CVSS, 7.8 AI score, 0.0053 EPSS
Exploits: 1, References: 1, Affected Software: 1
OSV
added 2019/04/02 4:29 p.m., 1 view

CVE-2018-4052

An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user...

5.5 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits: 0, References: 1
NVD
added 2019/04/02 4:29 p.m., 14 views

CVE-2018-3974

An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system service on boot by default to exploit this vulnerability and execute arbitrary code with system...

9.3 CVSS, 8.2 AI score, 0.0053 EPSS
Exploits: 1, References: 1
Prion
added 2019/04/02 4:29 p.m., 13 views

Information disclosure

An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user...

2.1 CVSS, 5.2 AI score, 0.00357 EPSS
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2019/04/02 4:29 p.m., 13 views

CVE-2018-4051

An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally create directories and subdirectories on the root file system, as well as change the permissions of existing directories...

7.1 CVSS, 6.2 AI score, 0.00278 EPSS
Exploits: 0, References: 1
Cvelist
added 2019/04/02 3:35 p.m., 18 views

CVE-2018-4049

An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 Windows 64-bit Installer. An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevat...

9.3 CVSS, 7.8 AI score, 0.00319 EPSS
Exploits: 0, References: 1
Prion
added 2019/04/01 7:29 p.m., 19 views

Privilege escalation

An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges...

7.2 CVSS, 7.8 AI score, 0.00353 EPSS
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2019/03/21 5:29 p.m., 19 views

CVE-2017-16253

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow...

8.5 CVSS, 8.4 AI score, 0.01099 EPSS
Exploits: 1, References: 1
Prion
added 2019/03/21 5:29 p.m., 15 views

Format string

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legac...

4.4 CVSS, 6.7 AI score, 0.00276 EPSS
Exploits: 1, References: 1, Affected Software: 1
NVD
added 2019/03/21 4:29 p.m., 24 views

CVE-2018-4030

An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The bug lies in the way the safe browsing function parses HTTP requests. The "Host" header is incorrectly extracted from captured HTTP requests, which would allow an attacker to visit any...

7.5 CVSS, 6 AI score, 0.01168 EPSS
Exploits: 1, References: 1
NVD
added 2019/03/21 4:29 p.m., 24 views

CVE-2018-3969

An exploitable vulnerability exists in the verified boot protection of the CUJO Smart Firewall. It is possible to add arbitrary shell commands into the dhcpd.conf file, that persist across reboots and firmware updates, and thus allow for executing unverified commands. To trigger this vulnerabilit...

8.2 CVSS, 7.8 AI score, 0.00501 EPSS
Exploits: 1, References: 1
NVD
added 2019/03/21 4:0 p.m., 17 views

CVE-2018-4059

An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. By default, the TURN server runs an unauthenticated telnet admin portal on the loopback interface. This can provide administrator access to the TURN server configuratio...

10 CVSS, 8.1 AI score, 0.01897 EPSS
Exploits: 0, References: 1
OSV
added 2019/03/21 4:0 p.m., 4 views

UBUNTU-CVE-2018-4058

An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services running on that...

7.7 CVSS, 7.1 AI score, 0.00935 EPSS
Exploits: 0, References: 3
Cvelist
added 2019/03/21 3:26 p.m., 32 views

CVE-2018-3969

An exploitable vulnerability exists in the verified boot protection of the CUJO Smart Firewall. It is possible to add arbitrary shell commands into the dhcpd.conf file, that persist across reboots and firmware updates, and thus allow for executing unverified commands. To trigger this vulnerabilit...

8.2 CVSS, 7.6 AI score, 0.00501 EPSS
Exploits: 1, References: 1
Cvelist
added 2019/03/21 2:50 p.m., 27 views

CVE-2019-5011

An exploitable privilege escalation vulnerability exists in the helper service CleanMyMac X, version 4.20, due to improper updating. The application failed to remove the vulnerable components upon upgrading to the latest version, leaving the user open to attack. A user with local access can use...

7.1 CVSS, 5.5 AI score, 0.00398 EPSS
Exploits: 0, References: 1
Debian CVE
added 2019/03/21 2:30 p.m., 25 views

CVE-2018-4059

An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. By default, the TURN server runs an unauthenticated telnet admin portal on the loopback interface. This can provide administrator access to the TURN server configuratio...

10 CVSS, 7.9 AI score, 0.01897 EPSS
Exploits: 0