CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

321 matches found

Nuclei•added 2026/05/23 6:16 a.m.•15 views

Quest KACE System Management Appliance 8.0.318 - Remote Code Execution

The '/common/downloadagentinstaller.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system. id: CVE-2018-11138 info: name: Quest KACE System Management Appliance 8.0.318 - Remote Code Executi...

10CVSS7.6AI score0.93443EPSS

Exploits7References4

The Hacker News•added 2026/04/21 6:23 a.m.•9 views

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation. The list of vulnerabilities is as...

10CVSS7.7AI score0.93047EPSS

Exploits25

Tenable Nessus•added 2026/04/16 12:0 a.m.•1 views

Quest KACE SMA 13.0.x < 13.0.385 / 13.1.x < 13.1.81 / 13.2.x < 13.2.183 / 14.0.x < 14.0.341 / 14.1.x < 14.1.101 Multiple Vulnerabilities

The version of Quest KACE Systems Management Appliance SMA running on the remote host is 13.0.x prior to 13.0.385, 13.1.x prior to 13.1.81, 13.2.x prior to 13.2.183, 14.0.x prior to 14.0.341, or 14.1.x prior to 14.1.101. It is, therefore, affected by multiple vulnerabilities, including: - An...

10CVSS7.5AI score0.39315EPSS

Exploits0References5

The Hacker News•added 2026/03/23 6:15 a.m.•3 views

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance SMA, according to Arctic Wolf. The cybersecurity company said it observed malicious activity starting the week of March 9, 2026, in customer environments that's consiste...

10CVSS6AI score0.39315EPSS

Exploits0

VulnCheck KEV•added 2026/03/19 12:0 a.m.•5 views

VulnCheck KEV: CVE-2025-32975

Quest KACE Systems Management Appliance SMA 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 Patch 5, and 14.1.x before 14.1.101 Patch 4 contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid...

10CVSS5.8AI score0.39315EPSS

In wildExploits0References4

RedhatCVE•added 2026/01/13 10:53 p.m.•4 views

CVE-2025-67813

Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...

5.3CVSS7AI score0.00018EPSS

Exploits0References1

NVD•added 2026/01/12 4:16 p.m.•2 views

CVE-2025-67813

Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...

5.3CVSS0.00018EPSS

Exploits0References2

OSV•added 2026/01/12 4:16 p.m.•0 views

CVE-2025-67813

Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...

5.3CVSS5.8AI score0.00018EPSS

Exploits0References2

CNNVD•added 2026/01/12 12:0 a.m.•3 views

Quest KACE Desktop Authority 安全漏洞

Quest KACE Desktop Authority is a user environment management software from Quest Corporation. A security vulnerability exists in Quest KACE Desktop Authority versions 11.3.1 and earlier, which stems from insecure named pipe permissions used for inter-process communication...

5.3CVSS6.7AI score0.00018EPSS

Exploits0References3

EUVD•added 2026/01/12 12:0 a.m.•1 views

EUVD-2026-1927

Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...

5.3CVSS6.5AI score0.00018EPSS

Exploits0References3

Vulnrichment•added 2026/01/12 12:0 a.m.•2 views

CVE-2025-67813

Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...

6.6AI score0.00018EPSS

Exploits0References2

Cvelist•added 2026/01/12 12:0 a.m.•15 views

CVE-2025-67813

Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...

0.00018EPSS

Exploits0References2

Positive Technologies•added 2026/01/12 12:0 a.m.•3 views

PT-2026-2270

Name of the Vulnerable Software and Affected Versions Quest KACE Desktop Authority versions through 11.3.1 Description Quest KACE Desktop Authority through version 11.3.1 has insecure permissions on the Named Pipes used for inter-process communication. Named Pipes are used to enable communication...

5.3CVSS6.6AI score0.00018EPSS

Exploits0References8

CVE•added 2026/01/12 12:0 a.m.•5 views

CVE-2025-67813

CVE-2025-67813 affects Quest KACE Desktop Authority up to and including version 11.3.1. The vulnerability is insecure permissions on named pipes used for inter-process communication, exposing IPC to inappropriate access or manipulation. Impact is described in connected sources as insecure named p...

5.3CVSS6.6AI score0.00018EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/01/09 10:57 a.m.•4 views

CVE-2022-38220

An XSS vulnerability exists within Quest KACE Systems Management Appliance SMA through 12.1 that may allow remote injection of arbitrary web script or HTML...

6.1CVSS6.5AI score0.00197EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:28 a.m.•5 views

CVE-2019-12918

Quest KACE Systems Management Appliance Server Center version 9.1.317 is vulnerable to SQL injection. The affected file is softwarelibrary.php and affected parameters are order0column and order0dir...

9.8CVSS7.9AI score0.00331EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-2687

Malware in sbrugna...

9CVSS7AI score0.00646EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-3178

Malware in sbrugna...

9.8CVSS9.5AI score0.00311EPSS

Exploits3References3