Lucene search
+L

550 matches found

OSV
OSV
added 2026/02/26 4:27 p.m.6 views

GO-2026-4537 Caddy is vulnerable to cross-origin config application via local admin API /load in github.com/caddyserver/caddy/v2

Caddy is vulnerable to cross-origin config application via local admin API /load in github.com/caddyserver/caddy/v2...

8.2CVSS5.5AI score0.00166EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/25 10:19 p.m.6 views

CVE-2025-1787

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege...

8.8CVSS5.4AI score0.00104EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 8:27 p.m.7 views

CVE-2025-1787

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege...

4.2CVSS5.8AI score0.00088EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/24 6:44 p.m.4 views

CVE-2025-1787

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege...

8.8CVSS5.5AI score0.00088EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/24 6:44 p.m.3 views

CVE-2025-1787

Local admin could to leak information from the Genetec Update Service configuration web page. An authenticated, admin privileged, Windows user could exploit this vulnerability to gain elevated privileges in the Genetec Update Service. Could be combined with CVE-2025-1789 to achieve low privilege...

8.8CVSS5.9AI score0.00104EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/24 6:44 p.m.19 views

CVE-2025-1787

CVE-2025-1787 concerns Genetec Update Service. A local, authenticated administrator could leak information from the service’s configuration web page, potentially enabling elevated privileges within the Genetec Update Service. The entry notes a possible combined impact with CVE-2025-1789 for low-p...

8.8CVSS5.5AI score0.00088EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/16 8:41 p.m.23 views

CVE-2025-48509

Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...

1.8CVSS5.5AI score0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 12:16 p.m.5 views

CVE-2025-62855 File Station 5

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File...

5.3CVSS5.5AI score0.00339EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:16 p.m.5 views

CVE-2025-62855

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File...

5.3CVSS5.5AI score0.00339EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/11 12:15 p.m.4 views

CVE-2025-62856 File Station 5

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File...

5.3CVSS5.5AI score0.00333EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.12 views

PT-2026-7571

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File...

5.3CVSS5.5AI score0.00339EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.10 views

PT-2026-7667

FlexNet Publisher 11.12.1 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious HTML form to trick authenticated users into submitting a request that creates a new local admin accoun...

5.1CVSS5.2AI score0.0013EPSS
Exploits0References5
NVD
NVD
added 2026/02/10 8:16 p.m.7 views

CVE-2025-48509

Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...

1.8CVSS0.00115EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/02/10 8:16 p.m.8 views

CVE-2025-48509

Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...

1.8CVSS5.9AI score0.00115EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/10 7:13 p.m.3 views

CVE-2025-48509

Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...

1.8CVSS5.5AI score0.00115EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/10 7:13 p.m.39 views

CVE-2025-48509

Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...

1.8CVSS0.00115EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 7:13 p.m.16 views

CVE-2025-48509

CVE-2025-48509 describes Missing Checks in functions related to Reverse Map Table (RMP) initialization that can let a local admin attacker misidentify I/O memory, potentially affecting guest memory integrity. The primary technical details indicate this affects AMD EPYC/SNP environments and relate...

1.8CVSS5.5AI score0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 7:13 p.m.6 views

CVE-2025-48509

Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...

1.8CVSS5.5AI score0.00115EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 4:16 a.m.15 views

CVE-2026-23685

Due to a Deserialization vulnerability in SAP NetWeaver JMS service, an attacker authenticated as an administrator with local access could submit specially crafted content to the server. If processed by the application, this content could trigger unintended behavior during internal logic executio...

4.4CVSS0.00124EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/10 3:2 a.m.5 views

CVE-2026-23685 Insecure Deserialization vulnerability in SAP NetWeaver (JMS service)

Due to a Deserialization vulnerability in SAP NetWeaver JMS service, an attacker authenticated as an administrator with local access could submit specially crafted content to the server. If processed by the application, this content could trigger unintended behavior during internal logic executio...

4.4CVSS5.6AI score0.00124EPSS
Exploits0References2
Rows per page
Query Builder