Lucene search
K

21832 matches found

NVD
NVD
added 2026/05/08 7:16 a.m.32 views

CVE-2026-8069

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrar...

8.5CVSS0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.11 views

Acer PredatorSense 路径遍历漏洞

Acer PredatorSense is a system management software developed by Acer, a company based in Taiwan, China. Versions 3.00.3136 to 3.00.3196 of Acer PredatorSense contain a path traversal vulnerability. This vulnerability stems from an exposed Windows named pipe configuration error in the program. It...

8.5CVSS6.3AI score0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.20 views

PT-2026-38677

Name of the Vulnerable Software and Affected Versions PredatorSense versions 3.00.3136 through 3.00.3196 Description A misconfigured Windows Named Pipe uses a custom protocol to invoke internal functions. This allows any authenticated local user to execute arbitrary code and delete arbitrary file...

8.5CVSS6.2AI score0.00118EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.14 views

ASUS System Control Interface 缓冲区错误漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a buffer overflow vulnerability in the ASUS System Control Interface. This vulnerability arises from reading sizes that exceed the size of the buffer within the IOCTL handler, which...

6.8CVSS6.1AI score0.00137EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 6:6 p.m.11 views

Security Bulletin: IBM MQ is vulnerable to a password disclosure vulnerability (CVE-2026-2607)

Summary IBM MQ has addressed a password disclosure vulnerability CVE-2026-2607 Vulnerability Details CVEID:CVE-2026-2607 DESCRIPTION: IBM MQ stores potentially sensitive information in log files that could be read by a local user. CWE:CWE-532: Insertion of Sensitive Information into Log File CVSS...

5.1CVSS5.8AI score0.00131EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.9 views

WatchGuard Agent 安全漏洞

WatchGuard Agent is a terminal security protection and device management agent provided by the American company WatchGuard. There is a security vulnerability in WatchGuard Agent, which stems from improper resource permission allocation in the patch management component. This vulnerability may all...

7.8CVSS5.8AI score0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.11 views

Sandboxie-Plus 注入漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier had an injection vulnerability. This vulnerability stems from an INI injection flaw that allows standard local users to bypass configuration restrictions and inject...

9.3CVSS5.9AI score0.00251EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

Amazon WorkSpaces 安全漏洞

Amazon WorkSpaces is a fully managed, persistent desktop virtualization service provided by Amazon, Inc. It allows your users to access the data, applications, and resources they need from any supported device, at any time. Versions of Amazon WorkSpaces prior to 2.6.2034.0 contained a security...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/30 8:12 p.m.7 views

EUVD-2026-26424

CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can use it to ‘blue screen’ the system...

5.9CVSS5.7AI score0.00097EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

IBM watsonx.data intelligence 安全漏洞

IBM Watsonx.Data Intelligence is a data intelligence platform developed by IBM. Versions 5.2.0, 5.2.1, 5.3.0, and 5.3.1 of IBM Watsonx.Data Intelligence contain security vulnerabilities. These vulnerabilities stem from the storage of user credentials in plaintext, which could be read by local use...

6.2CVSS5.8AI score0.00093EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 3:28 p.m.4 views

CVE-2026-6970

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3CVSS5.2AI score0.0011EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.13 views

Fan Control 安全漏洞

Fan Control is a cooling fan control software developed by Rémi Mercier. The Fan Control V251 version contains a security vulnerability, which stems from improper handling of Open File Dialog permissions. This vulnerability could allow local attackers to execute operations with administrator...

8.8CVSS5.9AI score0.00102EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 7:50 p.m.39 views

CVE-2026-41477 Deskflow: Local privilege escalation via unauthenticated IPC

Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes privileged commands without authentication, allowing any local unprivileged user to execute arbitrary...

7.8CVSS0.00218EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/04/24 7:50 p.m.12 views

CVE-2026-41477

Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes privileged commands without authentication, allowing any local unprivileged user to execute arbitrary...

7.8CVSS5.8AI score0.00218EPSS
Exploits1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

deskflow 访问控制错误漏洞

Deskflow is an open-source tool for sharing keyboards and mice across devices. Versions of Deskflow such as 1.20.0, 1.26.0.134, and earlier had access control vulnerabilities. These vulnerabilities stemmed from the Deskflow daemon running as the SYSTEM account, exposing IPC named pipes that have...

7.8CVSS6.1AI score0.00218EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/22 1:39 p.m.6 views

CVE-2026-6861

A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted SVG Scalable Vector Graphics CSS Cascading Style Sheets data. A local user could exploit this by convincing a victim to open a malicious SVG file, which may lead to a denial...

7.1CVSS5.6AI score0.00108EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2026/04/22 12:0 a.m.97 views

AVAST Antivirus 25.11 - Unquoted Service Path

Exploit Title: AVAST Antivirus 25.11 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Date: 2025-12-17 Vendor Homepage:https://www.avast.com/ Software Link : https://www.avast.com/es-mx/download-thank-you.php?product=SLN&locale=es-mx Tested Version:...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.12 views

Canonical Livepatch 安全漏洞

Canonical Livepatch is a system component developed by Canonical OpenSource that manages kernel hotfix updates and patches. Versions of Canonical Livepatch prior to 10.15.0 contained security vulnerabilities. These vulnerabilities were caused by improper access control, allowing local...

5.7CVSS5.8AI score0.00121EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.3 views

Lexmark International X1185 Improper Privilege Management (CVE-2006-0577)

Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the Appearance dialog and selecting the Additional styles skins are available on the Lexmark web site option, which launches a web browser that is running with SYSTEM privileges. This plugin only works with...

7.2CVSS5.7AI score0.00344EPSS
Exploits0References6
OSV
OSV
added 2026/04/17 1:3 p.m.13 views

OESA-2026-1986 avahi security update

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared...

5.5CVSS5.7AI score0.00203EPSS
Exploits1References2
Rows per page
Query Builder