EUVD-2022-53048

Malicious code in bioql PyPI...

CVE-2025-35112 Agiloft XML external entity local path traversal

Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31...

CVE-2025-35112

CVE-2025-35112 describes an XML External Entities path-traversal vulnerability in Agiloft Release 28, exploitable via any table that allows import/export. An authenticated attacker can import a template file and traverse local system files. The issue is caused by improper handling of XML entities...

Unspecified Vulnerability in Tenable Agent

Tenable Agent is a vulnerability scanning program from Tenable USA. Tenable Agent suffers from a security vulnerability that originates from a non-administrative user being able to overwrite arbitrary local system files with SYSTEM privileges. No details of the vulnerability are provided at this...

Unspecified Vulnerability in Tenable Nessus

Tenable Nessus is a network vulnerability scanning tool developed by Tenable, Inc. to detect security vulnerabilities in networks and provide recommendations for fixing them. Tenable Nessus has a security vulnerability that can be exploited by an attacker to overwrite arbitrary local system files...

Tenable Nessus 安全漏洞

Tenable Nessus is a network vulnerability scanning tool developed by Tenable, Inc. to detect security vulnerabilities in networks and provide recommendations for fixing them. Tenable Nessus has a security vulnerability that can be exploited by an attacker to overwrite arbitrary local system files...

📄 Monect PC Remote 7.7.2 Unquoted Service Path

Monect PC Remote version 7.7.2 suffers from an unquoted service path vulnerability in MonectServerService. Exploit Title: Monect PC Remote 7.7.2 - Unquoted path service Date: 25/06/25 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.monect.com/ Software Link:...

CVE-2025-24287

A vulnerability allowing local system users to modify directory contents, allowing for arbitrary code execution on the local system with elevated permissions...

CVE-2025-24287

CVE-2025-24287 affects Veeam Agent for Microsoft Windows prior to version 6.3.2.1205. A local vulnerability allows a local system user to modify directory contents, enabling arbitrary code execution with elevated permissions on the host. Public sources in the connected set corroborate this descri...

CVE-2025-24287

A vulnerability allowing local system users to modify directory contents, allowing for arbitrary code execution on the local system with elevated permissions...

Tenable Nessus Agent Multiple Vulnerabilities (TNS-2025-11)

Tenable Nessus Agent is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessusagent";...

📄 Remote for Windows 2024.15 Unquoted Service Path

Remote for Windows version 2024.15 suffers from an unquoted service path vulnerability. Exploit Title: Remote for Windows 2024.15 - Unquoted Service Path Date: 2025-05-23 Exploit Author: Chokri Hammedi Vendor Homepage: https://rs.ltd Software Link: https://rs.ltd/latest.php?os=win Version: 2024.1...

CVE-2024-8037

Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a...

CVE-2024-20060

In da, there is a possible escalation of privilege due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541749; Issue ID: ALPS08541754...

CVE-2023-21360

In Bluetooth, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-26427

Default permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated the default permissions for noreply.properties set during package installation. No publicly available exploits are known...

CVE-2023-42557

Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

CVE-2023-20715

In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900...

CVE-2023-32884

In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011...