CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1262 matches found

Zero Day Initiative•added 2020/04/16 12:0 a.m.•39 views

Oracle VirtualBox vmsvgaR3FifoUpdateCursor Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

3.2CVSS2.7AI score0.00071EPSS

Exploits0References1

Zero Day Initiative•added 2020/04/16 12:0 a.m.•41 views

Oracle VirtualBox xHCI Out-Of-Bounds Read Information Disclosure Vulnerability

6CVSS3AI score0.00102EPSS

Exploits0References1

Zero Day Initiative•added 2020/04/15 12:0 a.m.•32 views

Microsoft Windows Palette Object Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.3AI score0.00277EPSS

Exploits0References1

NVD•added 2020/04/08 6:15 p.m.•10 views

CVE-2018-21042

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 December 2018...

9.8CVSS9.7AI score0.00164EPSS

Exploits0References1

OSV•added 2020/04/08 6:15 p.m.•3 views

CVE-2018-21042

9.8CVSS6AI score0.00164EPSS

Exploits0References1

CVE•added 2020/04/08 5:5 p.m.•43 views

CVE-2018-21042

CVE-2018-21042 concerns Samsung mobile devices running N(7.x), O(8.x), and P(9.0). The issue is that Dual Messenger can install an arbitrary APK, leading to privileged code execution. Affected component/feature: Dual Messenger on Samsung devices. Root cause: exploitation arises from ability to in...

9.8CVSS9.6AI score0.00164EPSS

Exploits0References1Affected Software1

Zero Day Initiative•added 2020/04/07 12:0 a.m.•32 views

Adobe Acrobat Pro DC Genuine Software Service Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Genuine Software Service. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS4.3AI score0.00092EPSS

Exploits0References1

RedhatCVE•added 2020/04/05 10:54 a.m.•43 views

CVE-2018-3693

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an...

5.9CVSS3.1AI score0.00964EPSS

Exploits0References2

Prion•added 2020/03/23 6:15 p.m.•13 views

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

4.6CVSS6.6AI score0.00089EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/03/23 5:30 p.m.•11 views

CVE-2020-8876

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.5CVSS5.3AI score0.00094EPSS

Exploits0References1

Zero Day Initiative•added 2020/03/18 12:0 a.m.•11 views

Microsoft Windows AppX Deployment Service Hard Link Privilege Escalation Vulnerability

7.8CVSS6.6AI score

Exploits0References1

Zero Day Initiative•added 2020/03/13 12:0 a.m.•31 views

Parallels Desktop xHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI...

8.2CVSS3AI score0.00089EPSS

Exploits0

Zero Day Initiative•added 2020/03/12 12:0 a.m.•22 views

(Pwn2Own) Xiaomi GetApps Intent Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Xiaomi GetApps. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

5.3CVSS3.7AI score0.00207EPSS

Exploits0

Zero Day Initiative•added 2020/03/12 12:0 a.m.•26 views

Microsoft Windows DiagTrack Service Hard Link Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

6.1CVSS5AI score0.00397EPSS

Exploits0References1

Zero Day Initiative•added 2020/03/12 12:0 a.m.•28 views

Microsoft Windows AppX Deployment Service Link Resolution Denial-of-Service Vulnerability

6.1CVSS4.5AI score0.00495EPSS

Exploits0References1

Zero Day Initiative•added 2020/03/12 12:0 a.m.•22 views

Microsoft Windows AppX Deployment Service Hard Link Escalation of Privilege Vulnerability

7.8CVSS5.4AI score0.00397EPSS

Exploits0References1

Zero Day Initiative•added 2020/03/12 12:0 a.m.•49 views

Microsoft Windows Printer Device Context Use-After-Free Privilege Escalation Vulnerability