Lucene search
K

194 matches found

NVD
NVD
added 2026/04/17 6:16 a.m.7 views

CVE-2026-6482

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/17 5:19 a.m.5 views

CVE-2026-6482

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS5.9AI score0.0018EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/17 5:19 a.m.5 views

CVE-2026-6482 Local Privilege Escalation via OpenSSL configuration file in Insight Agent

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS5.9AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/17 5:19 a.m.31 views

CVE-2026-6482 Local Privilege Escalation via OpenSSL configuration file in Insight Agent

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/04/17 5:19 a.m.19 views

CVE-2026-6482

The CVE-2026-6482 entry describes a Local Privilege Escalation in Rapid7 Insight Agent (Windows) versions > 4.1.0.2. At startup, the high-privilege agent service loads an OpenSSL configuration file from a directory writable by standard users; a crafted openssl.cnf can cause the service to exec...

9.3CVSS5.9AI score0.0018EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.9 views

PT-2026-33413

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS5.9AI score0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-4158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate...

7.3CVSS7.5AI score0.00226EPSS
Exploits0References2
NVD
NVD
added 2026/04/11 1:16 a.m.6 views

CVE-2026-4158

KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged code on the targe...

7.3CVSS0.00226EPSS
Exploits0References2
OSV
OSV
added 2026/04/11 1:16 a.m.7 views

UBUNTU-CVE-2026-4158

KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged code on the targe...

7.3CVSS6.2AI score0.00226EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/11 1:16 a.m.3 views

CVE-2026-4158

KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged code on the targe...

7.3CVSS7.4AI score0.00226EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/11 12:17 a.m.34 views

CVE-2026-4158 KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged code on the targe...

7.3CVSS0.00226EPSS
Exploits0References2
CVE
CVE
added 2026/04/11 12:17 a.m.47 views

CVE-2026-4158

CVE-2026-4158 affects KeePassXC due to an OpenSSL configuration issue where the program loads configuration from an unsecured location, enabling a local attacker who can run low-privileged code to escalate privileges and execute arbitrary code within KeePassXC. Connected documents corroborate a l...

7.3CVSS7.5AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/31 1:56 a.m.3 views

EUVD-2026-17285

vcpkg is a free and open-source C/C++ package manager. Prior to version 3.6.13, vcpkg's Windows builds of OpenSSL set openssldir to a path on the build machine, making that path be attackable later on customer machines. This issue has been patched in version 3.6.13...

7.8CVSS5.8AI score0.00715EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2026/02/25 12:0 a.m.6 views

Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Siemens SINEC NMS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration ...

7.8CVSS6.1AI score0.00238EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/02/25 12:0 a.m.7 views

Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Siemens SINEC NMS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration ...

7.8CVSS6.1AI score0.00238EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.170 views

📄 Zabbix Agent Binaries 7.4 OpenSSL Path Scanner

This tool performs static analysis on Zabbix Agent binaries to identify hardcoded OpenSSL paths such as OPENSSLDIR, ENGINESDIR, and MODULESDIR. It leverages strings and radare2 to extract embedded configuration paths, OpenSSL version information, and indicators of dynamic engine or module loading...

7.3CVSS5.9AI score0.00325EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/01/07 9:9 a.m.7 views

CVE-2024-2658

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 11.19.6.0 allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted...

8.5CVSS6.7AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/24 10:29 p.m.4 views

CVE-2025-14406

Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Soda PDF Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.8CVSS7.8AI score0.00138EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/24 12:30 a.m.6 views

EUVD-2025-205001

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...

6.6CVSS7.1AI score0.00278EPSS
Exploits0References2
NVD
NVD
added 2025/12/23 10:15 p.m.5 views

CVE-2025-14405

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...

6.8CVSS0.00278EPSS
Exploits0References1
Rows per page
Query Builder