CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2021/07/08 10:54 a.m.•10 views

CVE-2021-32461

8.2AI score0.00066EPSS

Zero Day Initiative•added 2021/06/25 12:0 a.m.•26 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x20006 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling ...

6.5CVSS2.3AI score0.00031EPSS

Citrix•added 2021/06/23 11:6 a.m.•111 views

Citrix Hypervisor Security Update

Two security issues have been identified in Citrix Hypervisor 8.2 LTSR, each of which may allow privileged code in a guest VM to cause the host to crash or become unresponsive. These issues only affect Citrix Hypervisor 8.2 LTSR. These issues have the following CVE identifiers: CVE-2021-3416...

6.5CVSS2.2AI score0.00089EPSS

Exploits0

Citrix•added 2021/06/09 2:55 p.m.•176 views

Citrix Hypervisor Security Update

Several security issues have been identified that affect Citrix Hypervisor: Two issues, each of which may each allow privileged code in a guest VM to cause the host to crash or become unresponsive. These two issues only affect systems where the malicious guest VM has a physical PCI device passed...

7.8CVSS4AI score0.00078EPSS

Exploits0

NVD•added 2021/05/27 11:15 a.m.•11 views

CVE-2021-32459

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

6.5CVSS0.00532EPSS

OSV•added 2021/05/27 11:15 a.m.•2 views

CVE-2021-32459

6.5CVSS6.9AI score0.00532EPSS

Prion•added 2021/05/27 11:15 a.m.•14 views

Hardcoded credentials

5.5CVSS6.7AI score0.00532EPSS

Cvelist•added 2021/05/27 10:42 a.m.•14 views

CVE-2021-32459

6.9AI score0.00532EPSS

Zero Day Initiative•added 2021/05/25 12:0 a.m.•31 views

VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS2.8AI score0.00053EPSS

Zero Day Initiative•added 2021/05/20 12:0 a.m.•186 views

Apple macOS QuartzCore Type Confusion Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the QuartzCore Framework...

7.8CVSS5.7AI score

Zero Day Initiative•added 2021/05/13 12:0 a.m.•50 views

Microsoft Windows win32kfull Palette Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.7AI score0.00387EPSS

Zero Day Initiative•added 2021/05/13 12:0 a.m.•52 views

Microsoft Windows WalletService Directory Junction Privilege Escalation Vulnerability

7.8CVSS5.9AI score0.01494EPSS

Zero Day Initiative•added 2021/05/13 12:0 a.m.•123 views

(Pwn2Own) Canonical Ubuntu io_uring Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS8.7AI score0.0006EPSS

Prion•added 2021/05/12 3:15 p.m.•15 views

Information disclosure

An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a...

4.4CVSS7.5AI score0.00093EPSS

Prion•added 2021/05/12 3:15 p.m.•14 views

Information disclosure

An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is...

4.4CVSS7.5AI score0.00093EPSS

Cvelist•added 2021/05/12 2:57 p.m.•10 views

CVE-2021-31519

7.7AI score0.00093EPSS

Cvelist•added 2021/05/12 2:57 p.m.•11 views

CVE-2021-28649

7.7AI score0.00093EPSS

Zero Day Initiative•added 2021/05/11 12:0 a.m.•36 views

Schneider Electric C-Bus Toolkit Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of Schneider Electric C-Bus Toolkit. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5AI score0.00192EPSS

Zero Day Initiative•added 2021/05/03 12:0 a.m.•72 views

Microsoft Windows splwow64 Out-Of-Bounds Read Privilege Escalation Vulnerability

7.8CVSS4.7AI score0.00605EPSS