Lucene search
+L

1923 matches found

BDU FSTEC
BDU FSTEC
added yesterday17 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS6.1AI score0.02603EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday45 views

ZenML ZenML Server - Improper Authentication

ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/usernameorid/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. id: CVE-2024-25723 info:...

8.8CVSS7.1AI score0.70581EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2 days ago8 views

HPLIP: Incomplete Fix for CVE-2026-8631

A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...

9.8CVSS6.3AI score0.01333EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 3 days ago3 views

The vulnerability of the PowerDNS Recursor DNS server, related to errors in the use of standard permissions, allows a hacker to trigger a service failure.

The vulnerability of the PowerDNS Recursor DNS server is related to errors in the use of standard permissions. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

7.8CVSS6.1AI score0.00504EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 3 days ago3 views

The vulnerability of the nfs-utils package, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the nfs-utils package is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

6.8CVSS6.1AI score0.00462EPSS
Exploits0References17Affected Software5
BDU FSTEC
BDU FSTEC
added 3 days ago5 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server lies in the lack of authentication for a critical function, allowing attackers to escalate their privileges.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server lies in the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

5.3CVSS6.2AI score0.05601EPSS
Exploits0References5Affected Software3
NVD
NVD
added 4 days ago3 views

CVE-2026-50348

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Runtime allows an unauthorized attacker to elevate privileges over a network...

7CVSS0.00331EPSS
Exploits0References1
CVE
CVE
added 4 days ago7 views

CVE-2026-56169

CVE-2026-56169 concerns improper authentication in Windows Admin Center that can allow an attacker authenticated on the network to elevate privileges. The CVSS 3.1 base score is 8.1 (High), with network as the attack vector, low attack complexity, and low privileges required; confidentiality and ...

8.1CVSS6.1AI score0.00492EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 4 days ago8 views

Security Updates for Microsoft SQL Server (July 2026)

The Microsoft SQL Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over...

8.8CVSS6.2AI score0.01287EPSS
Exploits0References17
Kaspersky
Kaspersky
added 4 days ago6 views

KLA91151 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation...

8.8CVSS7.2AI score0.01287EPSS
Exploits0References20
Nuclei
Nuclei
added 2026/07/11 12:22 a.m.188 views

Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation

Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit users documents with duplicate keysfor 'roles' used for access control within the database, including the special case 'admin' role, th...

10CVSS7.1AI score0.99838EPSS
Exploits21References5
EUVD
EUVD
added 2026/07/05 7:0 a.m.8 views

EUVD-2026-41733

A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The...

7.5CVSS6.7AI score0.00288EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 7:0 a.m.21 views

CVE-2026-14719

CVE-2026-14719 describes a privilege-management flaw in SourceCodester Onlne Examination & Learning Management System 1.0. The vulnerable component is the register.php file of the Registration Endpoint. An attacker can manipulate the role parameter to achieve improper privilege management, and th...

7.5CVSS6.7AI score0.00288EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55503

Name of the Vulnerable Software and Affected Versions HPLIP affected versions not specified Description An integer overflow exists in the hpcups processing path when handling specially crafted print data. This flaw may allow a remote attacker to escalate privileges or achieve arbitrary code...

9.8CVSS6.3AI score0.00618EPSS
Exploits0References16
NVD
NVD
added 2026/07/01 4:17 a.m.7 views

CVE-2026-20458

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

7.5CVSS0.00204EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 3:13 a.m.7 views

EUVD-2026-40871

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

7.5CVSS6AI score0.00204EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:13 a.m.42 views

CVE-2026-20458

CVE-2026-20458 affects the Modem with a memory corruption via a missing bounds check. This could enable remote escalation of privilege if a UE connects to a rogue base station, with no extra execution privileges required and no user interaction. Exploitation is described as adjacent access under ...

7.5CVSS6AI score0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 3:13 a.m.41 views

CVE-2026-20458

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

0.00204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.17 views

PT-2026-54453

Name of the Vulnerable Software and Affected Versions Modem affected versions not specified Description Memory corruption occurs due to a missing bounds check. This allows remote escalation of privilege if a User Equipment UE connects to a rogue base station controlled by an attacker. Exploitatio...

7.5CVSS6.2AI score0.00204EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-13891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer...

7.5CVSS6.2AI score0.00302EPSS
Exploits0References2
Rows per page
Query Builder