Lucene search
K

21822 matches found

CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

Amazon WorkSpaces 安全漏洞

Amazon WorkSpaces is a fully managed, persistent desktop virtualization service provided by Amazon, Inc. It allows your users to access the data, applications, and resources they need from any supported device, at any time. Versions of Amazon WorkSpaces prior to 2.6.2034.0 contained a security...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/30 8:12 p.m.7 views

EUVD-2026-26424

CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can use it to ‘blue screen’ the system...

5.9CVSS5.7AI score0.00097EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.9 views

IBM watsonx.data intelligence 安全漏洞

IBM Watsonx.Data Intelligence is a data intelligence platform developed by IBM. Versions 5.2.0, 5.2.1, 5.3.0, and 5.3.1 of IBM Watsonx.Data Intelligence contain security vulnerabilities. These vulnerabilities stem from the storage of user credentials in plaintext, which could be read by local use...

6.2CVSS5.8AI score0.00093EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 3:28 p.m.4 views

CVE-2026-6970

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3CVSS5.2AI score0.0011EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.13 views

Fan Control 安全漏洞

Fan Control is a cooling fan control software developed by Rémi Mercier. The Fan Control V251 version contains a security vulnerability, which stems from improper handling of Open File Dialog permissions. This vulnerability could allow local attackers to execute operations with administrator...

8.8CVSS5.9AI score0.00102EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/24 7:50 p.m.11 views

CVE-2026-41477

Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes privileged commands without authentication, allowing any local unprivileged user to execute arbitrary...

7.8CVSS5.8AI score0.00218EPSS
Exploits1
Cvelist
Cvelist
added 2026/04/24 7:50 p.m.36 views

CVE-2026-41477 Deskflow: Local privilege escalation via unauthenticated IPC

Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes privileged commands without authentication, allowing any local unprivileged user to execute arbitrary...

7.8CVSS0.00218EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.10 views

deskflow 访问控制错误漏洞

Deskflow is an open-source tool for sharing keyboards and mice across devices. Versions of Deskflow such as 1.20.0, 1.26.0.134, and earlier had access control vulnerabilities. These vulnerabilities stemmed from the Deskflow daemon running as the SYSTEM account, exposing IPC named pipes that have...

7.8CVSS6.1AI score0.00218EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/22 1:39 p.m.6 views

CVE-2026-6861

A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted SVG Scalable Vector Graphics CSS Cascading Style Sheets data. A local user could exploit this by convincing a victim to open a malicious SVG file, which may lead to a denial...

7.1CVSS5.6AI score0.00108EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2026/04/22 12:0 a.m.90 views

AVAST Antivirus 25.11 - Unquoted Service Path

Exploit Title: AVAST Antivirus 25.11 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Date: 2025-12-17 Vendor Homepage:https://www.avast.com/ Software Link : https://www.avast.com/es-mx/download-thank-you.php?product=SLN&locale=es-mx Tested Version:...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.11 views

Canonical Livepatch 安全漏洞

Canonical Livepatch is a system component developed by Canonical OpenSource that manages kernel hotfix updates and patches. Versions of Canonical Livepatch prior to 10.15.0 contained security vulnerabilities. These vulnerabilities were caused by improper access control, allowing local...

5.7CVSS5.8AI score0.00121EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.3 views

Lexmark International X1185 Improper Privilege Management (CVE-2006-0577)

Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the Appearance dialog and selecting the Additional styles skins are available on the Lexmark web site option, which launches a web browser that is running with SYSTEM privileges. This plugin only works with...

7.2CVSS5.7AI score0.00344EPSS
Exploits0References6
OSV
OSV
added 2026/04/17 1:3 p.m.12 views

OESA-2026-1986 avahi security update

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared...

5.5CVSS5.7AI score0.00203EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/15 12:28 p.m.5 views

CVE-2026-4145

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges...

8.5CVSS6.3AI score0.00196EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 12:27 p.m.21 views

CVE-2026-1636

Lenovo Service Bridge is affected by a DLL hijacking vulnerability that, under certain conditions, could allow a local authenticated user to execute code with elevated privileges. The issue is documented across multiple sources (CVE-2026-1636) with a vulnerability pattern described as DLL search ...

6.7CVSS5.9AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.8 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 10.11.12 and earlier, including 10.11.x, have security vulnerabilities. These vulnerabilities stem from unvalidated user ownership, which could allow malicious remote...

2.7CVSS5.9AI score0.00167EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Lenovo Software Fix 安全漏洞

Lenovo Software Fix is a system repair tool developed by the Chinese company Lenovo. Lenovo Software Fix has a security vulnerability, which stems from improper permission verification during the installation process. This vulnerability may allow locally authenticated users to execute code with...

7.3CVSS6AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Lenovo Diagnostics 安全漏洞

Lenovo Diagnostics is a tool developed by Lenovo Corporation for scanning and diagnosing hardware faults on Lenovo computers. This tool helps users scan their computers, identify issues with the system, and repair them. Lenovo Diagnostics can also assist users in resolving various computer proble...

7.1CVSS6.1AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Lenovo Software Fix 安全漏洞

Lenovo Software Fix is a system repair tool developed by the Chinese company Lenovo. Lenovo Software Fix has a security vulnerability, which stems from improper permission verification. This vulnerability may allow locally authenticated users to execute arbitrary code with elevated privileges...

8.5CVSS6.2AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/04/10 5:16 a.m.9 views

CVE-2026-4482

The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems users have read and execute access. For the client.key file in particular, this could potentially lead to exploits, as this exposes agent identity material to any...

6.8CVSS0.00075EPSS
Exploits0References1
Rows per page
Query Builder