158 matches found

ATTACKERKB
added 2023/08/05 2:15 a.m., 3 views

CVE-2022-46782

An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine...

CVSS 7.8, AI score 7.3, EPSS 0.00178
Exploits: 0, References: 2

NVD
added 2023/04/21 8:15 p.m., 29 views

CVE-2023-30618

Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. Kitchen-Terraform v7.0.0 introduced a regression which caused all Terraform output values,...

CVSS 3.3, AI score 3.9, EPSS 0.00212
Exploits: 0, References: 2

OSV
added 2023/04/21 7:34 p.m., 21 views

CVE-2023-30618 Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform

Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. Kitchen-Terraform v7.0.0 introduced a regression which caused all Terraform output values,...

CVSS 3.2, AI score 4.3, EPSS 0.00212
Exploits: 0, References: 4

GithubExploit
added 2022/11/05 1:28 p.m., 609 views

Exploit for Improper Control of Dynamically-Managed Code Resources in Vm2_Project Vm2

Exploit-For-CVE-2022-36067 This repo contains payload for the...

CVSS 10, AI score 9.6, EPSS 0.47868
Exploits: 2

Vulnrichment
added 2022/10/29 12:0 a.m., 6 views

CVE-2021-42777

Stimulsoft aka Stimulsoft Reports 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C# code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start...

AI score 9.5, EPSS 0.00962
Exploits: 1, References: 1

Cvelist
added 2022/09/12 8:47 p.m., 12 views

CVE-2021-44425

An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. An unnecessarily open listening port on a machine in the LAN of an attacker, opened by the Anydesk Windows client when using the tunneling feature, allows the attacker unauthorized access to the local machine's AnyDesk...

AI score 7.1, EPSS 0.00554
Exploits: 1, References: 2

NVD
added 2022/08/29 3:15 p.m., 36 views

CVE-2022-0852

There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ps. The specific impact varies upon the...

CVSS 5.5, EPSS 0.00355
Exploits: 1, References: 5

OSV
added 2022/08/29 3:15 p.m., 23 views

CVE-2022-0852

There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ps. The specific impact varies upon the...

CVSS 5.5, AI score 6.8, EPSS 0.00355
Exploits: 1, References: 5

NVD
added 2022/08/29 3:15 p.m., 64 views

CVE-2022-0851

There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line v...

CVSS 5.5, EPSS 0.00303
Exploits: 1, References: 2

IBM Security Bulletins
added 2022/08/20 1:29 a.m., 34 views

Security Bulletin: IBM Tivoli Storage Manager FastBack Mount Remote Code Execution Vulnerability (CVE-2015-0119)

Summary: IBM Tivoli Storage Manager FastBack Mount might be vulnerable to remote code execution from the network or local machine. Vulnerability Details: CVEID: CVE-2015-0119. DESCRIPTION: The Mount from IBM Tivoli Storage Manager FastBack 6.1.11 and earlier versions might be vulnerable to remote co...

CVSS 7.5, AI score 6.7, EPSS 0.02654
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2022/08/19 6:23 p.m., 19 views

Security Bulletin: IBM Tivoli Storage Manager FastBack Mount Buffer Overflow (CVE-2015-0120)

Summary: IBM Tivoli Storage Manager FastBack Mount might be vulnerable to buffer overflow from the network or local machine. Vulnerability Details: CVEID: CVE-2015-0120. DESCRIPTION: The Mount from IBM Tivoli Storage Manager FastBack 6.1.11 and earlier versions might be vulnerable to buffer overflow...

CVSS 7.5, AI score 6.2, EPSS 0.01423
Exploits: 0, Affected Software: 1

OSV
added 2022/03/03 12:15 a.m., 14 views

CVE-2022-25089

Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData...

CVSS 9.8, AI score 7.3, EPSS 0.18617
Exploits: 4, References: 4

OSV
added 2022/02/04 11:15 p.m., 3 views

CVE-2022-22727

A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user's local machine when the user clicks a specially crafted link. Affected Product: EcoStruxure Power...

CVSS 8.8, AI score 7.3
Exploits: 0, References: 1

Kitploit
added 2021/10/28 11:30 a.m., 37 views

DonPAPI - Dumping DPAPI Credz Remotely

Dumping relevant information on compromised targets without AV detection. DPAPI dumping: Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retrieve them using: User password, Domain DPAPI BackupKey, Local machine DPAPI Key protecting TaskScheduled blob...

AI score 7.1
Exploits: 0, References: 7

NVD
added 2021/09/08 2:15 p.m., 24 views

CVE-2021-28581

Adobe Creative Cloud Desktop 3.5 and earlier is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine...

CVSS 7.3, EPSS 0.00856
Exploits: 0, References: 1

Cvelist
added 2021/09/08 1:29 p.m., 25 views

CVE-2021-28581 Adobe Creative Cloud Desktop uncontrolled search path element vulnerability could lead to local privilege escalation

Adobe Creative Cloud Desktop 3.5 and earlier is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine...

CVSS 7.3, AI score 7.1, EPSS 0.00856
Exploits: 0, References: 1

NVD
added 2021/05/13 11:15 a.m., 20 views

CVE-2021-22153

A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM versions 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of th...

CVSS 7.3, EPSS 0.00964
Exploits: 0, References: 1

RedHat Linux
added 2021/04/26 12:1 p.m., 5 views

Mozilla: More internal network hosts could have been probed by a malicious webpage

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

CVSS 7.4, AI score 7.4, EPSS 0.01323
Exploits: 0, References: 5

RedHat Linux
added 2021/04/26 6:21 a.m., 4 views

Mozilla: More internal network hosts could have been probed by a malicious webpage

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

CVSS 7.4, AI score 7.4, EPSS 0.01323
Exploits: 0, References: 5

Veracode
added 2021/03/25 1:22 a.m., 32 views

Remote Code Execution (RCE)

firefox-esr / thunderbird is vulnerable to remote code execution. When a user is surfing a malicious webpage, it could scan both an internal network’s hosts as well as services running on the user’s local machine utilizing WebRTC connections...

CVSS 6.5, AI score 2.1, EPSS 0.00743
Exploits: 0, References: 7, Affected Software: 9