Lucene search
K

868 matches found

Cvelist
Cvelist
added 2025/11/04 6:20 a.m.7 views

CVE-2025-20747

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443; Issue ID: MSV-3966...

0.00074EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 6:20 a.m.15 views

CVE-2025-20747

CVE-2025-20747 describes an out-of-bounds write in the gnss service caused by an incorrect bounds check. The issue could allow a local attacker with System privileges to escalate privileges, with no user interaction required. A patch is available (Patch ID: ALPS10010443; MSV-3966). Documented ref...

6.7CVSS6.3AI score0.00074EPSS
Exploits0References1Affected Software5
Cvelist
Cvelist
added 2025/11/04 6:20 a.m.11 views

CVE-2025-20746

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010441; Issue ID: MSV-3967...

0.00074EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 6:20 a.m.14 views

CVE-2025-20746

The CVE-2025-20746 entry concerns GNSS service software (as referenced across multiple sources) with an out-of-bounds write caused by an incorrect bounds check. This condition can enable local privilege escalation to System if already present, with no user interaction required. The vulnerability ...

6.7CVSS6.3AI score0.00074EPSS
Exploits0References1Affected Software5
Cvelist
Cvelist
added 2025/11/04 6:20 a.m.8 views

CVE-2025-20739

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435340; Issue ID: MSV-403...

0.0013EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 6:20 a.m.11 views

CVE-2025-20732

The CVE-2025-20732 entry describes a local privilege-escalation flaw in the wlan AP driver (Linksys Wireless Network Controller Driver) caused by an incorrect bounds check that enables an out-of-bounds write. Impact is local, with no user interaction required, and exploitation is not detailed in ...

5.3CVSS6.3AI score0.00103EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/11/04 6:20 a.m.7 views

CVE-2025-20729

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441512; Issue ID: MSV-415...

0.0011EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/04 6:20 a.m.9 views

CVE-2025-20745

In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294...

0.00069EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 6:19 a.m.12 views

CVE-2025-20744

The CVE-2025-20744 entry concerns the pda component with a use-after-free in privileged context leading to local escalation of privilege. The advisory indicates that a malicious actor who already has System privileges can exploit this without user interaction; no exploit vectors or in-wild detail...

4.2CVSS6.3AI score0.00072EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/11/04 6:19 a.m.13 views

CVE-2025-20743

The CVE-2025-20743 entry concerns the clkdbg component, where a use-after-free condition can lead to local privilege escalation if an attacker already has System privileges. The vulnerability does not require user interaction and has a local attack vector with low complexity. The patch reference ...

4.2CVSS6.3AI score0.00072EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/04 6:19 a.m.3 views

CVE-2025-20730

In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10068463; Issue ID: MSV-4141...

6.3AI score0.00068EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/04 5:17 a.m.3 views

Multiple Roboticsware products register Windows services with unquoted file paths

Overview Multiple Roboticsware products provided by Roboticsware PTE. LTD. contain the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-64151 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the develope...

8.4CVSS7.1AI score0.00138EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.6 views

PT-2025-44973

Name of the Vulnerable Software and Affected Versions Aruba wlan AP Driver affected versions not specified Description An out-of-bounds write issue exists in the wlan AP driver due to an incorrect bounds check. Successful exploitation could allow a malicious actor with System privileges to escala...

5.3CVSS6.6AI score0.00103EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.4 views

PT-2025-44986

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon GNSS affected versions not specified Description An out-of-bounds write issue exists in the gnss service due to an incorrect bounds check. Successful exploitation could allow a local attacker with System privileges to...

6.7CVSS6.6AI score0.00074EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/28 6:30 p.m.4 views

EUVD-2025-36535

Wazuh's File Integrity Monitoring FIM, when configured with automatic threat removal, contains a time-of-check/time-of-use TOCTOU race condition that can allow a local, low-privileged attacker to cause the Wazuh service running as NT AUTHORITY\SYSTEM to delete attacker-controlled files or paths...

7.1CVSS6.3AI score0.00016EPSS
Exploits0References5
CVE
CVE
added 2025/10/28 3:48 p.m.26 views

CVE-2025-34294

This CVE entry is rejected/not used and does not represent an active vulnerability.

6.5AI score0.00016EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/22 6:4 a.m.5 views

Multiple I-O DATA NAS management applications register Windows services with unquoted file paths

Overview Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. Multiple NAS management applications provided by I-O DATA DEVICE, INC. contain the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-61865...

8.4CVSS7.4AI score0.00184EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/15 9:54 a.m.6 views

CVE-2025-20723

In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920033; Issue ID: MSV-3797...

7.8CVSS6.7AI score0.00087EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 9:54 a.m.4 views

CVE-2025-20722

In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920036; Issue ID: MSV-3798...

5.5CVSS5.5AI score0.00083EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/14 12:31 p.m.3 views

EUVD-2025-34164

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00419946; Issue ID: MSV-358...

7.8CVSS6.2AI score0.00126EPSS
Exploits0References2
Rows per page
Query Builder