
35 matches found

Positive Technologies
added 2026/06/09 12:0 a.m. · 10 views

PT-2026-47967

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Description: An out-of-bounds read allows an unauthorized attacker to disclose sensitive information locally and affect the system. An out-of-bounds read occurs when a program reads data past the...

CVSS 3.3 · AI score 6.9 · EPSS 0.00437
Exploits 0 · References 5

Github Security Blog
added 2026/03/12 12:30 p.m. · 5 views

Duplicate Advisory: OpenClaw safeBins file-existence oracle information disclosure

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-6c9j-x93c-rw6j. This link is maintained to preserve external references. Original Description: A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of th...

CVSS 5.5 · AI score 5.2 · EPSS 0.00133
Exploits 0 · References 9 · Affected Software 1

Tenable Nessus
added 2026/01/07 12:0 a.m. · 5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000191 advisory. __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain...

CVSS 5.5 · AI score 6.7 · EPSS 0.00729
Exploits 1 · References 4

Cvelist
added 2025/10/27 6:41 p.m. · 9 views

CVE-2025-46602

Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...

CVSS 4.4 · EPSS 0.00099
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2022-25850

Malicious code in bioql PyPI...

CVSS 5.5 · AI score 5.8 · EPSS 0.00167
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2022-33203

Malicious code in bioql PyPI...

CVSS 3.3 · AI score 4.5 · EPSS 0.00268
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2021-3610

Malicious code in bioql PyPI...

CVSS 2.7 · AI score 4.1 · EPSS 0.00155
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 7 views

EUVD-2021-3616

Malicious code in bioql PyPI...

CVSS 5.5 · AI score 5.7 · EPSS 0.00111
Exploits 0 · References 1

Cvelist
added 2025/08/14 2:0 p.m. · 6 views

CVE-2025-36581

Dell PowerEdge Platform versions 14G AMD BIOS v1.25.0 and prior, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...

CVSS 3.8 · EPSS 0.00124
Exploits 0 · References 1

RedhatCVE
added 2025/05/23 6:32 a.m. · 5 views

CVE-2024-43084

In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 6.2 · AI score 6.3 · EPSS 0.00095
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 10:15 p.m. · 5 views

CVE-2022-20199

In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Androi...

CVSS 5.5 · AI score 6.2 · EPSS 0.0012
Exploits 0 · References 1

CNNVD
added 2023/11/01 12:0 a.m. · 6 views

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of privilege checking in validationtools, leading to the disclosure of local information...

CVSS 5.5 · AI score 6.7 · EPSS 0.0008
Exploits 0 · References 2

OSV
added 2023/10/30 5:15 p.m. · 4 views

CVE-2023-21326

In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVSS 5.5 · AI score 5.9
Exploits 0 · References 1

Positive Technologies
added 2023/10/30 12:0 a.m. · 4 views

PT-2023-18120 · Unknown · Jobscheduler

Name of the Vulnerable Software and Affected Versions: Job Scheduler affected versions not specified Description: The issue allows an attacker to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information...

CVSS 5.5 · AI score 5 · EPSS 0.00103
Exploits 0 · References 4

Prion
added 2023/08/07 2:15 a.m. · 14 views

Information disclosure

In Contacts service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVSS 1.7 · AI score 5.2 · EPSS 0.0008
Exploits 0 · References 1 · Affected Software 1

SUSE CVE
added 2023/02/15 5:57 a.m. · 3 views

SUSE CVE-2010-3298

The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call...

CVSS 2.1 · AI score 6 · EPSS 0.00407
Exploits 0 · References 8

Vulnrichment
added 2022/12/16 12:0 a.m. · 6 views

CVE-2022-20538

In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...

AI score 5 · EPSS 0.00119
Exploits 0 · References 1

Tenable Nessus
added 2022/12/15 12:0 a.m. · 36 views

Zoom Client for Meetings < 5.12.6 Vulnerability (ZSB-22025)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.12.6. It is, therefore, affected by a vulnerability as referenced in the ZSB-22025 advisory. - The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a loca...

CVSS 3.3 · AI score 5.1 · EPSS 0.00268
Exploits 0 · References 2

OSV
added 2022/11/14 9:15 p.m. · 5 views

CVE-2022-28764

The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting...

CVSS 3.3 · AI score 5.8 · EPSS 0.00268
Exploits 0 · References 1

Prion
added 2022/11/14 9:15 p.m. · 26 views

Information disclosure

The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting...

CVSS 1.7 · AI score 4.2 · EPSS 0.00268
Exploits 0 · References 1 · Affected Software 3