Lucene search
K

219 matches found

NVD
NVD
added 2025/05/13 10:15 a.m.16 views

CVE-2025-40573

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0 HF0. Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the backup folder...

6.7CVSS0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/13 9:38 a.m.18 views

CVE-2025-40573

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0 HF0. Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the backup folder...

6.7CVSS0.00153EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/13 9:38 a.m.6 views

CVE-2025-40573

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0 HF0. Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the backup folder...

6.7CVSS5.9AI score0.00153EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:49 a.m.25 views

microcode_ctl: Improper initialization in UEFI firmware OutOfBandXML module

Improper initialization in UEFI firmware OutOfBandXML module in some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...

6.8CVSS5.8AI score0.00222EPSS
Exploits0References5
CVE
CVE
added 2025/05/13 1:13 a.m.51 views

CVE-2025-35471

CVE-2025-35471 affects the conda-forge openssl-feedstock (pre-066e83c, 2024-05-20) on Windows. The issue arises from configuring OpenSSL to use an OPENSSLDIR path writable by non-privileged local users; an attacker can place a crafted openssl.cnf in OPENSSLDIR and trigger arbitrary code execution...

7.8CVSS7.3AI score0.00187EPSS
Exploits1References2Affected Software2
OSV
OSV
added 2025/03/06 5:15 a.m.8 views

CVE-2025-20911

Improper access control in semwifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch...

4.4CVSS5.8AI score0.00127EPSS
Exploits0References1
CVE
CVE
added 2025/03/06 5:4 a.m.59 views

CVE-2025-20911

CVE-2025-20911 describes improper access control in the Samsung sem_wifi service before SMR Mar-2025 Release 1, enabling privileged local attackers to update the MAC address of Galaxy Watch devices. Core details in public feeds indicate the issue is tied to a local-privilege scenario with high pr...

4.4CVSS6.8AI score0.00127EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/06 5:4 a.m.5 views

CVE-2025-20911

Improper access control in semwifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch...

4.4CVSS6.8AI score0.00127EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/25 12:0 a.m.6 views

Zoom Workplace 安全漏洞

Zoom Workplace is a desktop application from Zoom USA. A security vulnerability exists in Zoom Workplace versions prior to 6.1.5, which stems from uncontrolled resource consumption by the installer and could lead to the disclosure of information via local access by privileged users...

6CVSS6AI score0.00183EPSS
Exploits0References1
OSV
OSV
added 2025/02/20 12:15 p.m.3 views

CVE-2025-21106

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References1
OSV
OSV
added 2025/02/12 10:15 p.m.1 views

ALPINE-CVE-2023-43758

Improper input validation in UEFI firmware for some IntelR processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7CVSS7AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:14 a.m.8 views

CVE-2024-47562

A vulnerability has been identified in SINEC Security Monitor All versions V4.9.0. The affected application does not properly neutralize special elements in user input to the ssmctl-client command. This could allow an authenticated, lowly privileged local attacker to execute privileged commands i...

9.3CVSS5.8AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.5 views

Dell Edge Gateway 安全漏洞

Dell Edge Gateway is a series of intelligent gateway devices from Dell USA Inc. It is designed to aggregate, protect, analyze and relay data from various sensors and devices at the edge of the network. A security vulnerability exists in Dell Edge Gateway, which stems from the presence of a...

6.7CVSS5.8AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2024/09/16 5:16 p.m.0 views

DEBIAN-CVE-2024-24968

Improper finite state machines FSMs in hardware logic in some IntelR Processors may allow an privileged user to potentially enable a denial of service via local access...

5.6CVSS5.9AI score0.00184EPSS
Exploits0References1
OSV
OSV
added 2024/09/16 5:16 p.m.2 views

DEBIAN-CVE-2024-23984

Observable discrepancy in RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...

6.8CVSS5.6AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2024/08/27 8:15 a.m.23 views

CVE-2024-41174

The IPC-Diagnostics package in TwinCAT/BSD is susceptible to improper input neutralization by a low-privileged local attacker...

7.3CVSS0.00239EPSS
Exploits0References1
OSV
OSV
added 2024/08/21 7:27 p.m.7 views

USN-6973-1 linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-xilinx-zynqmp vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service system crash. CVE-2024-24860 Several security issues were discovere...

8.4CVSS6.6AI score0.00805EPSS
Exploits1References10
Ubuntu
Ubuntu
added 2024/08/21 5:53 p.m.74 views

USN-6972-1: Linux kernel vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

8.8CVSS6.6AI score0.01167EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/19 12:0 a.m.28 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Intel Microcode vulnerabilities (USN-6967-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6967-1 advisory. It was discovered that some Intel Core Ultra Processors did not properly isolate the stream cache. A loca...

7.8CVSS6.6AI score0.00285EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/08/14 12:0 a.m.4 views

PT-2024-13684 · Unknown · Openbmc Firmware

Name of the Vulnerable Software and Affected Versions: OpenBMC Firmware versions prior to egs-1.15-0 OpenBMC Firmware versions prior to bhs-0.27 Description: The issue is an out of bounds read that may allow a privileged user to potentially enable information disclosure via local access...

8.1CVSS6.4AI score0.00192EPSS
Exploits0References3
Rows per page
Query Builder