Lucene search
K

244928 matches found

CVE
CVE
added 6 hours ago9 views

CVE-2026-15029

The CVE-2026-15029 entry covers an Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager. The vulnerability permits a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests...

8.4CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 6 hours ago8 views

EUVD-2026-44589

Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protection...

8.4CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 6 hours ago7 views

EUVD-2026-44588

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...

5.6CVSS6.1AI score
Exploits0References1
CVE
CVE
added 6 hours ago9 views

CVE-2026-13585

The CVE-2026-13585 affects the ASUS System Control Interface (SCI) driver and ASUS Business Manager. The root cause is Allocation of Resources Without Limits and Throttling, leading to potential exposure of sensitive information via crafted IOCTL requests. A local administrator can leverage this ...

8.2CVSS6AI score
Exploits0References1
EUVD
EUVD
added 6 hours ago7 views

EUVD-2026-44587

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...

8.2CVSS6AI score
Exploits0References1
EUVD
EUVD
added 8 hours ago3 views

EUVD-2026-44522

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require use...

7.5CVSS6.1AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 8 hours ago14 views

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...

9.1CVSS6.1AI score0.00648EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 8 hours ago16 views

The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.

The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

7CVSS6.1AI score0.0013EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 8 hours ago18 views

The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...

8.5CVSS6.1AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 8 hours ago15 views

The vulnerability of the Directum RX ECM system, related to deficiencies in access control, allows a perpetrator to compromise data integrity.

The vulnerability of the Directum RX ECM system is related to deficiencies in access control. Exploiting this vulnerability could allow a remote attacker to compromise data integrity...

5CVSS5.8AI score
Exploits0Affected Software1
CVE
CVE
added yesterday10 views

CVE-2026-5269

Technical details are not publicly available in the provided documents. This CVE entry lacks specific affected products, components, versions, or remediation steps. Monitor for updates from official sources.

6.1AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-21840

CVE-2026-21840 — HCL BigFix Platform is reported to have a user enumeration vulnerability. The available documents indicate that an attacker could perform some level of user enumeration for the BigFix service by observing system behavior/response times. The CVSS 3.1 metrics show a low base score ...

3.1CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-48353

CVE-2026-48353 affects CAI Content Credentials. The issue is an Improper Input Validation (CWE-20) that could enable an attacker to read arbitrary files on the filesystem outside the intended scope. Exploitation requires user interaction, as a victim must open a malicious file. The CVSS v3.1 base...

5.5CVSS6.2AI score
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-15410

Post-authentication improper control of generation of code 'Code Injection' vulnerability has been identified in the SMA1000 Appliance Management Console AMC which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands...

7.2CVSS
Exploits1References2
Cvelist
Cvelist
added yesterday8 views

CVE-2026-48345 Animate | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Animate is affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

8.2CVSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-48347

Animate is affected by an OS Command Injection (CWE-78) due to improper neutralization of special elements in an input that is used in an OS command. This can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malici...

7.7CVSS6.5AI score
Exploits0References1
CVE
CVE
added yesterday15 views

CVE-2026-15410

CVE-2026-15410 affects SonicWall SMA1000 Appliance Management Console (AMC). It is a post-authentication code-injection vulnerability that, under certain conditions, could allow a remote authenticated administrator to execute arbitrary OS commands. Root cause: improper control of generation of co...

7.2CVSS7.2AI score
In wildExploits1References2
NVD
NVD
added yesterday5 views

CVE-2026-58530

Heap-based buffer overflow in Windows Resilient File System ReFS allows an unauthorized attacker to execute code locally...

7.8CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-56650

Heap-based buffer overflow in Windows Network File System allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-56649

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Network File System allows an unauthorized attacker to execute code over a network...

5.9CVSS
Exploits0References1
Rows per page
Query Builder