Lucene search
K

4529 matches found

Vulnrichment
Vulnrichment
added 2026/05/05 7:34 p.m.7 views

CVE-2026-34596 Sandboxie-Plus local privilege escalation via TOCTOU race condition in UpdUtil addon installation

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...

5.4CVSS5.7AI score0.00106EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/05 7:30 p.m.5 views

CVE-2026-34462

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.3CVSS6.2AI score0.00174EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.10 views

CVE-2026-42369

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS6.2AI score0.00514EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.8 views

PT-2026-37231

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use TOCTOU race condition exists during addon installation. When a user installs an addon through the SandMan interface, UpdUtil.exe is spawned as SYSTEM by...

5.4CVSS5.7AI score0.00106EPSS
Exploits1References2
NVD
NVD
added 2026/05/04 1:16 a.m.10 views

CVE-2026-42369

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS0.00514EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/04 12:47 a.m.32 views

CVE-2026-42369 GeoVision GV-VMS V20 WebCam Server stack overflow vulnerability

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS0.00514EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/02 3:31 a.m.9 views

yii2-mcp-server has a Command Injection Issue

A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yiicommandhelp/yiiexecutecommand of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been publish...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References8Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/29 8:48 p.m.6 views

CVE-2025-10549

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

5.1CVSS6.2AI score0.00163EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.11 views

TOTOLINK A8000RU 命令注入漏洞

The TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A8000RU 7.1cu.643b20200521 version has a command injection vulnerability. This vulnerability stems from the setWiFiEasyGuestCfg function in the CGI Handler component, specifically the operation of the...

10CVSS7.3AI score0.02421EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 10:16 p.m.6 views

DEBIAN-CVE-2026-42171

NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...

7.8CVSS5.3AI score0.0021EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/24 9:20 p.m.4 views

CVE-2026-42171

NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...

7.8CVSS5.2AI score0.0021EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/04/24 9:20 p.m.5 views

EUVD-2026-25637

NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...

7.8CVSS5.2AI score0.0021EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/24 7:50 p.m.6 views

EUVD-2026-25623

Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes privileged commands without authentication, allowing any local unprivileged user to execute arbitrary...

7.8CVSS5.7AI score0.00218EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.14 views

PT-2026-35088

Name of the Vulnerable Software and Affected Versions NSIS Nullsoft Scriptable Install System versions 3.06.1 through 3.11 Description When executing as SYSTEM, the software sometimes uses the Low Integrity Level Low IL temporary directory. This allows local attackers to gain elevated privileges ...

7.8CVSS5.8AI score0.0021EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

NSIS 代码问题漏洞

NSIS is an open-source tool developed by NSIS Development for creating Windows installation programs. In versions 3.06.1 to 3.12 of NSIS, there were code vulnerabilities. These vulnerabilities stemmed from the use of a low-IL temporary directory when executed as SYSTEM, allowing local attackers t...

7.8CVSS5.9AI score0.0021EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/23 9:32 a.m.7 views

EUVD-2025-209559

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

5.1CVSS6.4AI score0.00163EPSS
Exploits1References3
OSV
OSV
added 2026/04/17 9:24 p.m.4 views

GHSA-W5J3-8FCR-H87W Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration

Summary An authenticated administrator can execute arbitrary operating system commands by injecting a malicious payload into the MAINODTASPDF configuration constant. This vulnerability exists because the application fails to properly validate or escape the command path before passing it to the ex...

9.4CVSS6.1AI score0.00922EPSS
Exploits3References4
NVD
NVD
added 2026/04/15 9:17 p.m.53 views

CVE-2026-22676

Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...

8.5CVSS0.00104EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 11:16 p.m.5 views

CVE-2026-33414

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

8.8CVSS0.00607EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/11 3:30 a.m.4 views

EUVD-2026-21654

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.8CVSS7.5AI score0.00214EPSS
Exploits0References2
Rows per page
Query Builder