Lucene search
K

423 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

RHEL 8 : firefox (RHSA-2026:2070)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2070 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS5.7AI score0.0057EPSS
Exploits0References28
RedhatCVE
RedhatCVE
added 2026/02/03 9:19 p.m.4 views

CVE-2026-0924

BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoCleaner: 1.15.2...

7.3CVSS5.3AI score0.00162EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/03 3:18 p.m.14 views

CVE-2026-24071

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

7.8CVSS5.5AI score0.00146EPSS
Exploits1References1
NVD
NVD
added 2026/02/02 11:16 p.m.12 views

CVE-2026-0924

BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoCleaner: 1.15.2...

7.3CVSS0.00162EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/02 8:18 p.m.4 views

CVE-2026-0924

BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoCleaner: 1.15.2...

7.3CVSS5.3AI score0.00162EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/02/02 2:16 p.m.10 views

CVE-2026-24070

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

8.8CVSS0.00213EPSS
Exploits1References2
EUVD
EUVD
added 2026/02/02 1:15 p.m.6 views

EUVD-2026-5108

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

8.8CVSS5.8AI score0.00213EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.10 views

PT-2026-5658

Name of the Vulnerable Software and Affected Versions Native Access affected versions not specified Description The XPC service within Native Access’s privileged helper is susceptible to a security issue. The service utilizes the process ID PID of connecting clients to validate code signatures,...

7.8CVSS5.5AI score0.00146EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.12 views

PT-2026-5707

Name of the Vulnerable Software and Affected Versions BuhoCleaner version 1.15.2 Description BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root. This is achieved through insecure functions within the XPC service. Recommendations...

7.3CVSS5.9AI score0.00162EPSS
Exploits1References6
Packet Storm News
Packet Storm News
added 2026/01/28 12:0 a.m.2 views

Falco 0.43.0

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...

5.9AI score
Exploits0
NVD
NVD
added 2026/01/26 10:16 a.m.6 views

CVE-2025-59092

An RPC service, which is part of exos 9300, is reachable on port 4000, run by the process FSMobilePhoneInterface.exe. This service is used for interprocess communication between services and the Kaba exos 9300 GUI, containing status information about the Access Managers. Interacting with the...

8.7CVSS0.00759EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/26 10:3 a.m.3 views

CVE-2025-59092

An RPC service, which is part of exos 9300, is reachable on port 4000, run by the process FSMobilePhoneInterface.exe. This service is used for interprocess communication between services and the Kaba exos 9300 GUI, containing status information about the Access Managers. Interacting with the...

8.7CVSS6AI score0.00759EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/01/26 10:3 a.m.29 views

CVE-2025-59092 Unauthenticated RPC Service in dormakaba Kaba exos 9300

An RPC service, which is part of exos 9300, is reachable on port 4000, run by the process FSMobilePhoneInterface.exe. This service is used for interprocess communication between services and the Kaba exos 9300 GUI, containing status information about the Access Managers. Interacting with the...

8.7CVSS0.00759EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/26 10:3 a.m.5 views

CVE-2025-59092 Unauthenticated RPC Service in dormakaba Kaba exos 9300

An RPC service, which is part of exos 9300, is reachable on port 4000, run by the process FSMobilePhoneInterface.exe. This service is used for interprocess communication between services and the Kaba exos 9300 GUI, containing status information about the Access Managers. Interacting with the...

8.7CVSS6AI score0.00759EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.7 views

PT-2026-4742

An RPC service, which is part of exos 9300, is reachable on port 4000, run by the process FSMobilePhoneInterface.exe. This service is used for interprocess communication between services and the Kaba exos 9300 GUI, containing status information about the Access Managers. Interacting with the...

8.7CVSS6AI score0.00759EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/01/23 12:21 p.m.168 views

CVE-2026-Pending-Claude-Desktop-RCE

CVE-2026-PENDING: Claude Desktop Remote Code Execution via Pri...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/01/21 12:3 p.m.3 views

firefox: thunderbird: Use-after-free in the IPC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the IPC component...

8.8CVSS5.7AI score0.00405EPSS
Exploits0References6
VulnCheck KEV
VulnCheck KEV
added 2026/01/20 12:0 a.m.26 views

VulnCheck KEV: CVE-2025-2857

Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...

10CVSS5.8AI score0.08404EPSS
In wildExploits6References2
CNVD
CNVD
added 2026/01/19 12:0 a.m.1 views

Code execution vulnerability in multiple Mozilla products (CNVD-2026-11802)

Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...

8.8CVSS6.6AI score0.00405EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 3 : kernel-2.6.18-194.3.AXS3 (AXSA:2010-377:12)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-377:12 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

7.8CVSS7.5AI score0.21312EPSS
Exploits14References10
Rows per page
Query Builder