Lucene search
K

5048 matches found

Microsoft CVE
Microsoft CVE
added 2 days ago6 views

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago8 views

Malicious code in multer-orm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb45c09aa7a237b2b9ff18ccf6426b76a4f46e5ea665c7747f35a345940e161 multer-orm is a typosquat of the widely used multer middleware. Its README is copied from multer, but the package adds a load-time dropper in...

6.7AI score
Exploits0References6
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42596

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the we...

8.6CVSS5.9AI score0.0034EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/04 12:45 a.m.10 views

EUVD-2026-41655

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...

8.4CVSS6AI score0.00245EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/07/04 12:45 a.m.5 views

CVE-2026-54424

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...

8.4CVSS6AI score0.00245EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/07/04 12:45 a.m.40 views

CVE-2026-54424

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...

8.4CVSS0.00245EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/07/02 10:18 p.m.8 views

CVE-2026-45499

Server-side request forgery ssrf in Azure OpenAI allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score0.00608EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/02 10:18 p.m.31 views

CVE-2026-26145 Microsoft Azure Synapse Elevation of Privilege Vulnerability

...

4.8CVSS0.00359EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-55320

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Online affected versions not specified Description Incorrect authorization allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...

8.8CVSS6AI score0.0063EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2026/07/01 6:48 p.m.6 views

CVE-2026-41121

Dell Device Management Agent, versions prior to DDMA 26.05, contain an Improper Link Resolution Before File Access 'Link Following’ vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

7.3CVSS5.8AI score0.00123EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 1:36 p.m.17 views

CVE-2026-46732

Dell Display and Peripheral Manager (DDPM Mac) is affected. Versions prior to 2.3 suffer from a race condition caused by concurrent execution accessing a shared resource due to improper synchronization. Attackers with local access and low privileges could exploit this to achieve elevation of priv...

7CVSS5.9AI score0.00075EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/25 1:36 p.m.10 views

EUVD-2026-39402

Dell Display and Peripheral Manager DDPM Mac, versions prior to 2.3, contain a Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of...

6.7CVSS5.9AI score0.00075EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 8:29 p.m.14 views

EUVD-2026-38091

Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.00408EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 8:29 p.m.4 views

CVE-2026-48582

Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...

9.6CVSS5.8AI score0.00389EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 8:27 p.m.4 views

CVE-2026-45480

Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.9AI score0.00562EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 8:16 a.m.17 views

CVE-2026-46461

Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.8CVSS0.001EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 7:46 a.m.12 views

EUVD-2026-37997

Dell Server Hardware Manager, versions prior to 3.2.2, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.8CVSS5.9AI score0.001EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.38 views

PT-2026-50850

Name of the Vulnerable Software and Affected Versions Dell Server Hardware Manager versions prior to 3.2.2 Description Improper Access Control allows a low privileged attacker with local access to potentially achieve Elevation of privileges, which is the act of gaining higher-level permissions th...

7.8CVSS5.9AI score0.001EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.28 views

PT-2026-51031

Name of the Vulnerable Software and Affected Versions Azure Active Directory affected versions not specified Description Improper authentication allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...

10CVSS5.9AI score0.00562EPSS
Exploits0References9
NVD
NVD
added 2026/06/18 10:16 p.m.24 views

CVE-2026-47647

Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network...

9.9CVSS0.00426EPSS
Exploits0References1
Rows per page
Query Builder