Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1262 matches found

Zero Day Initiative
Zero Day Initiativeadded 2020/07/20 12:0 a.m.35 views

Oracle VirtualBox virtio-net Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS2.8AI score0.00146EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2020/06/30 12:0 a.m.32 views

VMware Workstation EHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the EHCI...

7.5CVSS3.3AI score0.00037EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2020/06/30 12:0 a.m.31 views

VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

2.8CVSS2.1AI score0.00046EPSS
Exploits0References1
OSV
OSVadded 2020/06/22 6:15 p.m.3 views

CVE-2020-11519

The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to read or write to physical disc sectors via a \.\SecureDocDevice handle. Exploiting this vulnerability results in privileged code execution...

7.8CVSS5.9AI score
Exploits0References2
NVD
NVDadded 2020/06/22 6:15 p.m.12 views

CVE-2020-11520

The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to write to arbitrary kernel memory addresses because the IOCTL dispatcher lacks pointer validation. Exploiting this vulnerability results in privileged code execution...

7.8CVSS0.00115EPSS
Exploits1References2
NVD
NVDadded 2020/06/22 6:15 p.m.17 views

CVE-2020-11519

The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to read or write to physical disc sectors via a \.\SecureDocDevice handle. Exploiting this vulnerability results in privileged code execution...

7.8CVSS0.0109EPSS
Exploits1References2
Prion
Prionadded 2020/06/22 6:15 p.m.15 views

Design/Logic Flaw

The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to read or write to physical disc sectors via a \.\SecureDocDevice handle. Exploiting this vulnerability results in privileged code execution...

4.6CVSS7.3AI score0.0109EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2020/06/22 6:15 p.m.20 views

Input validation

The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to write to arbitrary kernel memory addresses because the IOCTL dispatcher lacks pointer validation. Exploiting this vulnerability results in privileged code execution...

4.6CVSS7.5AI score0.00115EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2020/06/22 5:48 p.m.44 views

CVE-2020-11519

CVE-2020-11519 affects WinMagic SecureDoc, specifically the SDDisk2k.sys driver in v8.5 and earlier. A local attacker can read/write physical disk sectors via the .\SecureDocDevice handle, leading to privileged code execution. The vulnerability is confirmed across multiple sources, with CVSS v3.1...

7.8CVSS7.3AI score0.0109EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2020/06/22 5:48 p.m.15 views

CVE-2020-11519

The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to read or write to physical disc sectors via a \.\SecureDocDevice handle. Exploiting this vulnerability results in privileged code execution...

7.4AI score0.0109EPSS
Exploits1References2
CVE
CVEadded 2020/06/22 5:47 p.m.40 views

CVE-2020-11520

CVE-2020-11520 affects WinMagic SecureDoc

7.8CVSS7.5AI score0.00115EPSS
Exploits1References2Affected Software1
Zero Day Initiative
Zero Day Initiativeadded 2020/06/15 12:0 a.m.11 views

Docker Desktop Execution with Unnecessary Privileges Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Troubleshoot...

7.8CVSS4AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2020/05/28 12:0 a.m.31 views

(Pwn2Own) Apple Safari Symbolic Link Arbitrary Application Execution Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple Safari. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of symboli...

5.3CVSS3.5AI score0.25648EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiativeadded 2020/05/28 12:0 a.m.60 views

Apple macOS SkyLight Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SkyLight module. The...

5.3CVSS5.3AI score0.00264EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2020/05/19 12:0 a.m.30 views

(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...

7CVSS4.3AI score0.00397EPSS
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2020/05/19 12:0 a.m.34 views

(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...

2.5CVSS2.9AI score0.00397EPSS
Exploits0
NCSC
NCSCadded 2020/05/09 12:0 a.m.4 views

Vulnerabilities fixed in VMware vRealize Operations Manager

There are two vulnerabilities in VMware vRealize Operations Manager. These vulnerabilities, if exploited, can lead to the execute arbitrary code with administrator privileges on the Application Remote Collector ARC and all virtual systems on which an ARC Telegraph agent is installed. VMWare has...

9.8CVSS9.9AI score0.94234EPSS
Exploits24
Zero Day Initiative
Zero Day Initiativeadded 2020/04/30 12:0 a.m.40 views

(Pwn2Own) Oracle VirtualBox OHCI Uninitialized Variable Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS4.4AI score0.00171EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2020/04/30 12:0 a.m.38 views

(Pwn2Own) Oracle VirtualBox E1000 IP Checksum Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.5CVSS2.3AI score0.00118EPSS
Exploits0References1
Exploit DB
Exploit DBadded 2020/04/21 12:0 a.m.837 views

NSClient++ 0.5.2.35 - Authenticated Remote Code Execution

Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-04-20 Exploit Author: kindredsec Vendor Homepage: https://nsclient.org/ Software Link: https://nsclient.org/download/ Version: 0.5.2.35 Tested on: Microsoft Windows 10 Pro x64 CVE: N/A NSClient++ ...

7.4AI score
Exploits0
Rows per page
Query Builder