Lucene search
K

4838 matches found

CNNVD
CNNVD
added 2025/09/19 12:0 a.m.4 views

APEUni PTE Exam Practice App 安全漏洞

APEUni PTE Exam Practice App is a practice and tutoring app designed for PTE exam takers by China's APEUni. A security vulnerability exists in APEUni PTE Exam Practice App version 10.8.0 and earlier, which stems from an improperly exported AndroidManifest.xml file and could lead to a local attack...

5.3CVSS5.2AI score0.00122EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.3 views

INTSIG CamScanner App 安全漏洞

INTSIG CamScanner App Scanning Almighty is a mobile document scanning and management application from China's Hehe Information INTSIG. A security vulnerability exists in INTSIG CamScanner App version 6.91.1.5.250711, which originates from an improperly exported AndroidManifest.xml file, and could...

5.3CVSS5.2AI score0.00131EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.10 views

PT-2025-38588

Name of the Vulnerable Software and Affected Versions SKTLab Mukbee App version 1.01.196 Description A vulnerability exists in SKTLab Mukbee App that results in improper export of android application components. The issue affects an unknown function within the AndroidManifest.xml file of the...

5.3CVSS5AI score0.00122EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.6 views

PT-2025-38581

Name of the Vulnerable Software and Affected Versions Ooma Office Business Phone App versions up to 7.2.2 Description A vulnerability exists in the com.ooma.office2 component of the Ooma Office Business Phone App on Android. The issue involves improper export of Android application components,...

5.3CVSS4.8AI score0.00131EPSS
Exploits0References7
NVD
NVD
added 2025/09/18 10:15 p.m.8 views

CVE-2025-59216

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

7CVSS0.00232EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/09/18 7:0 a.m.11 views

Windows Graphics Component Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

7CVSS7AI score0.00232EPSS
Exploits0
CNNVD
CNNVD
added 2025/09/18 12:0 a.m.2 views

AIBattery 访问控制错误漏洞

AIBattery is a battery management tool for macOS by Wen Personal Developer. An access control error vulnerability exists in AIBattery 1.0.9 and earlier versions, which stems from a lack of authentication in the file AIBatteryHelper/XPC/BatteryXPCService.swift, which could lead to a local attack...

8.5CVSS7.5AI score0.00223EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.2 views

PT-2025-38492

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A use after free issue exists in the Microsoft Graphics Component, potentially allowing a local attacker to elevate privileges. Recommendations At the moment, there is no informatio...

7CVSS6.1AI score0.00298EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.7 views

PT-2025-38057

Name of the Vulnerable Software and Affected Versions: Greenshot versions 1.3.300 and earlier Description: Greenshot is a Windows screenshot utility. The software deserializes attacker-controlled data received in a WM COPYDATA message using BinaryFormatter.Deserialize without prior validation or...

8.4CVSS7.1AI score0.00274EPSS
Exploits1References9
NVD
NVD
added 2025/09/15 8:15 p.m.5 views

CVE-2025-10475

A weakness has been identified in SpyShelter up to 15.4.0.1015. Affected is an unknown function in the library SpyShelter.sys of the component IOCTL Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been made available to the public and...

6.8CVSS0.00138EPSS
Exploits0References5
Amazon
Amazon
added 2025/09/15 12:0 a.m.3 views

Low: libtiff

Issue Overview: A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The...

2.5CVSS6.3AI score0.00196EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/09/12 12:20 a.m.6 views

CVE-2025-10195

A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit...

5.3CVSS6.2AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 5:29 p.m.4 views

CVE-2025-54098

Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.02586EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 5:29 p.m.4 views

CVE-2025-54895

Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally...

7.8CVSS7.2AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 5:29 p.m.5 views

CVE-2025-55316

External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally...

7.8CVSS6.9AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 5:29 p.m.2 views

CVE-2025-53807

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

7CVSS6.9AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2025/09/10 1:15 a.m.4 views

CVE-2025-10195

A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit...

5.3CVSS0.00122EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/10 12:0 a.m.3 views

Seismic App 安全漏洞

Seismic App is a mobile application for a sales empowerment platform from Seismic USA. A security vulnerability exists in Seismic App version 2.4.2, which stems from an improper export of the file AndroidManifest.xml component and could lead to a local attack...

5.3CVSS5.3AI score0.00122EPSS
Exploits0References5
CVE
CVE
added 2025/09/10 12:0 a.m.16 views

CVE-2025-50892

The CVE-2025-50892 entry concerns EaseUS Todo Backup 1.2.0.1, where the eudskacs.sys driver (version 20250328) fails to properly validate privileges for I/O requests (IRP_MJ_READ/IRP_MJ_WRITE) sent to its device object. This creates a local, low-privileged attacker capability to perform arbitrary...

7.8CVSS6.2AI score0.00118EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.4 views

PT-2025-37001

Name of the Vulnerable Software and Affected Versions: Seismic App version 2.4.2 Description: A vulnerability exists in Seismic App version 2.4.2 on Android due to improper export of android application components within the AndroidManifest.xml file of the com.seismic.doccenter component. This...

5.3CVSS5.1AI score0.00122EPSS
Exploits0References9
Rows per page
Query Builder