Lucene search
K

132 matches found

Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.7 views

PT-2025-44305

Name of the Vulnerable Software and Affected Versions ThreatFire System Monitor version 4.7.0.53 Description A flaw exists in the kernel driver of ThreatFire System Monitor that allows for privilege escalation and arbitrary command execution. This is due to insecure access control through an...

7.8CVSS7.1AI score0.0013EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-4857

Malware in sbrugna...

7.8CVSS7.7AI score0.00376EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2002-0066

Malware in sbrugna...

7.5CVSS6.4AI score0.01635EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-21447

Malware in sbrugna...

9.8CVSS9.5AI score0.01287EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-26815

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42712

Malicious code in bioql PyPI...

7.5CVSS8.2AI score0.02438EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-20000

Malicious code in bioql PyPI...

8.1CVSS6.4AI score0.00252EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.4 views

PT-2025-33203 · Syedamirhussain91 · Db Backup

Name of the Vulnerable Software and Affected Versions: syedamirhussain91 DB Backup versions through 6.0 Description: A missing authorization flaw in syedamirhussain91 DB Backup allows exploitation due to incorrectly configured access control security levels. Recommendations: Update to a version...

6.5CVSS7.2AI score0.00294EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.6 views

CVE-2025-49154

An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...

8.7CVSS7.5AI score0.00103EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 7:15 p.m.7 views

CVE-2025-49154

An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...

8.7CVSS0.00103EPSS
Exploits0References2
OSV
OSV
added 2025/06/17 7:15 p.m.5 views

CVE-2025-49154

An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...

7.8CVSS6AI score0.00103EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/17 6:42 p.m.11 views

CVE-2025-49154

An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...

8.7CVSS0.00103EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 6:42 p.m.4 views

CVE-2025-49154

An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...

8.7CVSS7.4AI score0.00103EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.6 views

PT-2025-25746 · Trend Micro · Trend Micro Apex One +1

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Trend Micro Worry-Free Business Security affected versions not specified Description: An insecure access control issue could allow a local attacker to overwrite key memory-mapped files,...

8.7CVSS6.4AI score0.00103EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 9:24 a.m.6 views

CVE-2024-37742

Insecure Access Control in Safe Exam Browser SEB = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair...

8.2CVSS5.9AI score0.00507EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/20 11:19 p.m.18 views

CVE-2023-38952

Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin users are not enforc...

7.5CVSS7.1AI score0.02438EPSS
Exploits2References6
VulnCheck KEV
VulnCheck KEV
added 2025/05/02 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-38952

Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin users are not...

7.5CVSS5.8AI score0.02438EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/04/18 12:15 p.m.13 views

CVE-2025-32790 Dify Allows Insecure User Role Access Control for APP DSL Exporting

Dify is an open-source LLM app development platform. In versions 0.6.8 and prior, a vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in '/export' should only allow administrator users to export DSL. A workaround for...

6.3CVSS6.1AI score0.0024EPSS
Exploits1References3
OSV
OSV
added 2025/02/05 1:15 p.m.5 views

CVE-2024-9097

ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat...

4.3CVSS5.8AI score0.00611EPSS
Exploits0References1
OSV
OSV
added 2024/10/28 3:20 p.m.10 views

GO-2024-3220 Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rancher

Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...

7.5CVSS7.9AI score0.00508EPSS
Exploits0References1
Rows per page
Query Builder