Lucene search
+L

173 matches found

hp
hp
added 2026/06/15 12:0 a.m.9 views

HP One Agent Software – Security Update

Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege and/or denial of service. HP is releasing software updates to mitigate these potential vulnerabilities. Mitigation is available in HP Privacy...

9.1CVSS7.1AI score0.05582EPSS
Exploits1Affected Software1
redhatcve
redhatcve
added 2026/05/22 2:12 p.m.9 views

CVE-2025-58074

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges...

8.8CVSS5.9AI score0.00127EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/04 1:11 p.m.4 views

CVE-2025-58074

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges...

8.8CVSS5.9AI score0.00127EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/05/04 1:11 p.m.8 views

CVE-2025-58074 Privilege escalation during the installation of Norton Secure VPN via the Microsoft Store

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges...

8.8CVSS5.9AI score0.00127EPSS
Exploits0References2
euvd
euvd
added 2026/05/04 1:11 p.m.7 views

EUVD-2025-209612

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges...

8.8CVSS5.9AI score0.00127EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/04 1:11 p.m.83 views

CVE-2025-58074 Privilege escalation during the installation of Norton Secure VPN via the Microsoft Store

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges...

8.8CVSS0.00127EPSS
Exploits0References2
cve
cve
added 2026/05/04 1:11 p.m.37 views

CVE-2025-58074

This CVE concerns Norton Secure VPN installation via the Microsoft Store. A privilege-escalation exists when installing Norton Secure VPN, where an unprivileged user can influence the installation by manipulating a writable 7z payload in C:\ProgramData\NortonInstaller\Settings before setup runs. ...

8.8CVSS5.9AI score0.00127EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/05/04 12:0 a.m.12 views

Gen Digital Norton Secure VPN 安全漏洞

Gen Digital Norton Secure VPN is a virtual private network service provided by the American company Gen Digital. There is a security vulnerability in Gen Digital Norton Secure VPN, which stems from permission escalation during the installation process through the Microsoft Store. Low-privilege...

8.8CVSS5.9AI score0.00127EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/04 12:0 a.m.15 views

PT-2026-36800

Name of the Vulnerable Software and Affected Versions Norton Secure VPN affected versions not specified Description A privilege escalation issue occurs during the installation of the software via the Microsoft Store. A low-privilege user can replace files during the installation process,...

8.8CVSS5.9AI score0.00127EPSS
Exploits0References8
talos
talos
added 2026/05/04 12:0 a.m.22 views

Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2276 Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability May 4, 2026 CVE Number CVE-2025-58074 SUMMARY A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Stor...

8.8CVSS5.9AI score0.00127EPSS
Exploits0
talos
talos
added 2026/04/22 12:0 a.m.6 views

Adobe Photoshop Installation Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2274 Adobe Photoshop Installation Privilege Escalation Vulnerability April 22, 2026 CVE Number CVE-2026-34632 SUMMARY A privilege escalation vulnerability exists during the installation of Adobe Photoshop via the Microsoft Store. The vulnerable version of the...

8.2CVSS5.5AI score0.0028EPSS
Exploits1
mskb
mskb
added 2026/03/10 2:0 p.m.56 views

March 10, 2026—KB5078938 (OS Build 14393.8957)

None None...

8.8CVSS6.8AI score0.04491EPSS
Exploits11
thn
thn
added 2026/02/16 12:55 p.m.19 views

Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware

This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, moder...

10CVSS7.9AI score0.88115EPSS
Exploits51
ptsecurity
ptsecurity
added 2026/02/13 12:0 a.m.14 views

PT-2026-8028

Name of the Vulnerable Software and Affected Versions Windows Notepad versions prior to 11.x patch Description A remote code execution issue exists in the modern Windows 11 Notepad application distributed through the Microsoft Store. A malicious Markdown .md file can trigger command injection,...

6.5AI score
Exploits0References2
thn
thn
added 2026/02/11 5:45 p.m.7 views

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fa...

6.1AI score
Exploits0
nessus
nessus
added 2026/02/11 12:0 a.m.44 views

Microsoft Windows Notepad < 11.2510 Command Injection (February 2026)

The Windows 'Microsoft Windows Notepad' app installed on the remote host is prior to version 11.2510. It is, therefore, affected by a command injection vulnerability: - Improper neutralization of special elements used in a command allows an unauthorized attacker to execute code over a network...

7.8CVSS6.3AI score0.1165EPSS
Exploits9References2
mskb
mskb
added 2026/01/17 12:0 a.m.26 views

January 17, 2026—KB5077796 (OS Builds 19045.6811 and 19044.6811) Out-of-band

None None...

6.1AI score
Exploits0
redhatcve
redhatcve
added 2026/01/16 3:28 p.m.7 views

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

8.8CVSS6.9AI score0.00143EPSS
Exploits0References1
nvd
nvd
added 2026/01/15 4:16 p.m.7 views

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

8.8CVSS0.00143EPSS
Exploits0References2
euvd
euvd
added 2026/01/15 3:19 p.m.6 views

EUVD-2026-2749

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

8.8CVSS6.4AI score0.00143EPSS
Exploits0References3
Rows per page
Query Builder