Lucene search
K

4835 matches found

Microsoft CVE
Microsoft CVE
added 2025/07/08 2:0 p.m.7 views

Microsoft Brokering File System Elevation of Privilege Vulnerability

Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00365EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/07/08 2:0 p.m.8 views

Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

Out-of-bounds read in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...

8.8CVSS6.5AI score0.00328EPSS
Exploits0
NVD
NVD
added 2025/07/08 11:15 a.m.6 views

CVE-2025-21004

Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device...

6.2CVSS0.0008EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 10:34 a.m.8 views

CVE-2025-21006

Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory...

7CVSS0.00123EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 7:15 a.m.5 views

CVE-2025-24006

A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root...

7.8CVSS0.00112EPSS
Exploits0References1
CVE
CVE
added 2025/07/08 6:59 a.m.25 views

CVE-2025-24005

CVE-2025-24005 is a local privilege escalation affecting the PHOENIX CONTACT CHARX SEC series, caused by an input validation error in a vulnerable script accessible via SSH. An attacker with a local account can escalate to root. The public documents describe the vulnerability and impact but do no...

7.8CVSS6.5AI score0.00125EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2025/07/08 12:0 a.m.8 views

Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS6.3AI score0.00348EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.5 views

PT-2025-28565

Name of the Vulnerable Software and Affected Versions: Windows Win32K affected versions not specified Description: The issue is related to a double free in Windows Win32K - ICOMP, which allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no...

10CVSS6.5AI score0.00485EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2025/07/08 12:0 a.m.3 views

Azure Service Fabric Explorer Information Disclosure (July 2025)

The Azure Service Fabric installed on the remote host is affected by an runtime elevation of privilege vulnerability. A local, authenticated attacker can exploit this to elevate privileges. Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...

6CVSS5.6AI score0.00323EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/08 12:0 a.m.9 views

KB5062618: Windows Server 2008 Security Update (July 2025)

The remote Windows host is missing security update 5062618. It is, therefore, affected by multiple vulnerabilities - Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. CVE-2025-49659 - Untrusted pointer dereference in Windows Event Tracing allows an...

8.8CVSS6.4AI score0.14294EPSS
Exploits6References52
Zero Day Initiative
Zero Day Initiative
added 2025/07/08 12:0 a.m.15 views

Microsoft Windows win32kfull Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

7.8CVSS6.5AI score0.00273EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.4 views

PT-2025-28517 · Microsoft · Windows Storage Vsp Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Storage VSP Driver affected versions not specified Description: The issue is related to improper input validation in the Windows Storage VSP Driver, which allows an authorized attacker to elevate privileges locally. This means an...

7.8CVSS5.9AI score0.00366EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.3 views

PT-2025-28343 · Phoenix Contact · Charx Sec-3000 +7

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation. Recommendations: At the moment, there is ...

7.8CVSS6.1AI score0.00125EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/06 9:8 p.m.8 views

CVE-2025-7068

A flaw was found in HDF5. The H5FLmalloc function in src/H5FL.c exhibits a memory leak due to improper memory management, requiring local attacker access. This manipulation results in a resource exhaustion condition. Consequently, an application-level denial of service may occur. Mitigation...

5.5CVSS3.6AI score0.00194EPSS
Exploits1References8
OSV
OSV
added 2025/07/04 9:15 p.m.2 views

DEBIAN-CVE-2025-7068

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

5.5CVSS3.8AI score0.00194EPSS
Exploits1References1
NVD
NVD
added 2025/07/04 9:15 p.m.9 views

CVE-2025-7068

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

5.5CVSS0.00194EPSS
Exploits1References5
OSV
OSV
added 2025/07/04 9:15 p.m.2 views

CVE-2025-7068

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

5.5CVSS3.6AI score
Exploits0References5
OSV
OSV
added 2025/07/04 9:15 p.m.8 views

AZL-65205 CVE-2025-7068 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

5.5CVSS5.1AI score0.00194EPSS
Exploits1References1
OSV
OSV
added 2025/07/04 9:15 p.m.7 views

AZL-65160 CVE-2025-7068 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

5.5CVSS5.1AI score0.00194EPSS
Exploits1References1
OSV
OSV
added 2025/07/04 9:15 p.m.4 views

CVE-2025-7069

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...

5.5CVSS3.7AI score
Exploits0References5
Rows per page
Query Builder