Lucene search
K

616 matches found

Vulnrichment
Vulnrichment
added 2026/04/20 12:0 a.m.5 views

CVE-2026-29647

In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling...

5.8AI score0.00231EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.5 views

PT-2026-33840

In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling...

6.5CVSS5.8AI score0.00231EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

NEMU 安全漏洞

NEMU is an open-source teaching system simulator developed by XiangShan. NEMU has a security vulnerability, which stems from insufficient Smstateen permissions. This vulnerability may allow low-privilege code access to IMSIC state, potentially leading to cross-context information leaks or...

6.5CVSS5.8AI score0.00231EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/17 10:57 a.m.29 views

CVE-2026-35074

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS Command Injection vulnerability. A high privileged attacker...

6.7CVSS0.00571EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/17 9:31 a.m.5 views

EUVD-2025-209517

Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an insufficiently protected credentials vulnerability. A low privileged attacker with...

7.8CVSS5.7AI score0.0011EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.9 views

Malwarebytes Anti-Malware Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Anti-Malware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS6.1AI score
Exploits0
EUVD
EUVD
added 2026/04/14 3:30 p.m.8 views

EUVD-2026-22249

.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 1:16 p.m.4 views

CVE-2026-2450

.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

7.4CVSS0.00271EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/14 12:31 p.m.4 views

EUVD-2026-22248

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

9CVSS5.8AI score0.00329EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 12:16 p.m.5 views

CVE-2026-2449

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

9CVSS0.00329EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 12:7 p.m.3 views

CVE-2026-2450

.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/14 12:7 p.m.4 views

CVE-2026-2450

.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References2
CVE
CVE
added 2026/04/14 12:7 p.m.8 views

CVE-2026-2450

CVE-2026-2450 concerns a .NET misconfiguration in upKeeper Solutions’ upKeeper Instant Privilege Access, enabling impersonation that hijacks a Privileged Thread of Execution. Affected product: upKeeper Instant Privilege Access up to version 1.5.0. The CVSS 4.0 vector indicates NETWORK attack vect...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 11:56 a.m.2 views

CVE-2026-2449

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

9CVSS5.8AI score0.00329EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 11:56 a.m.8 views

CVE-2026-2449

CVE-2026-2449 affects upKeeper Instant Privilege Access (upKeeper Solutions) up to version 1.5.0. The issue is described as improper neutralization of argument delimiters in a command (argument injection) vulnerability, enabling hijacking of a privileged thread of execution. CVSS4 base score is 9...

9CVSS5.8AI score0.00329EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/14 11:56 a.m.5 views

CVE-2026-2449

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

9CVSS5.8AI score0.00329EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/14 11:56 a.m.32 views

CVE-2026-2449

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

9CVSS0.00329EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-32620

Name of the Vulnerable Software and Affected Versions upKeeper Instant Privilege Access versions prior to 1.5.0 Description Improper neutralization of argument delimiters in a command, known as argument injection, allows low-privilege users to hijack a privileged thread of execution. This can lea...

9CVSS5.8AI score0.00329EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

upKeeper Instant Privilege Access 安全漏洞

UpKeeper Instant Privilege Access is a privilege management system developed by the Swedish company UpKeeper. Versions of UpKeeper Instant Privilege Access prior to 1.5.0 contained security vulnerabilities. These vulnerabilities were due to improper use of simulations in .NET, which could lead to...

7.4CVSS5.9AI score0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.11 views

PT-2026-32623

.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References3
Rows per page
Query Builder