Lucene search
K

5291 matches found

EUVD
EUVD
added 11 hours ago4 views

EUVD-2026-40876

In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309...

6.7CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-57919

PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe \.\pipe\PBackupVSS with a DACL that grants GENERICREAD and GENERICWRITE permissions to all authenticated users. A low-privileged local attacker can connect to this pipe and send crafted IPC messages to trigge...

7.8CVSS0.00125EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-39785

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

7.7CVSS5.8AI score0.00118EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-21734

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

7.7CVSS5.8AI score0.00118EPSS
Exploits0References2
NVD
NVD
added 5 days ago7 views

CVE-2026-8797

An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges...

8.5CVSS0.00122EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago11 views

EUVD-2026-39623

An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges...

8.5CVSS6.1AI score0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago11 views

CVE-2026-8797

An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges...

8.5CVSS6.1AI score0.00122EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-8797

An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges...

8.5CVSS0.00122EPSS
Exploits0References1
CVE
CVE
added 5 days ago22 views

CVE-2026-8797

CVE-2026-8797 describes an access control deficiency in the Windows component of ExpressUpdate Agent. If an attacker can gain access to the product, arbitrary code could be executed with SYSTEM privileges. The CVSS 4.0 base score is 8.5 (HIGH), with LOCAL attack vector, low attack complexity, and...

8.5CVSS6.1AI score0.00122EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-39149

Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must vis...

8.8CVSS5.4AI score0.0067EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago3 views

EUVD-2026-39116

ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

7.2CVSS7.6AI score0.01477EPSS
Exploits0References3
CVE
CVE
added last week7 views

CVE-2026-9777

CVE-2026-9777 pertains to ATEN Unizon’s restoreDB function, where inadequate validation of a user-supplied path in file operations enables a Directory Traversal leading to Remote Code Execution . The flaw can execute arbitrary code in the context of SYSTEM and requires authentication to exploit. ...

7.2CVSS7.6AI score0.01477EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/22 4:17 a.m.9 views

CVE-2026-6645

An insecure process execution vulnerability exists in the pc-printer-updater.exe component of the PaperCut Print Deploy Client for Windows. The application, which typically operates with high-level system privileges, attempts to perform an internal validation check by invoking a secondary system...

7.3CVSS0.00136EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 3:24 a.m.9 views

EUVD-2026-38209

An insecure process execution vulnerability exists in the pc-printer-updater.exe component of the PaperCut Print Deploy Client for Windows. The application, which typically operates with high-level system privileges, attempts to perform an internal validation check by invoking a secondary system...

7.3CVSS6.1AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 3:24 a.m.29 views

CVE-2026-6645 Insecure Search Path Vulnerability in PaperCut Print Deploy Client for Windows

An insecure process execution vulnerability exists in the pc-printer-updater.exe component of the PaperCut Print Deploy Client for Windows. The application, which typically operates with high-level system privileges, attempts to perform an internal validation check by invoking a secondary system...

7.3CVSS0.00136EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 3:24 a.m.19 views

CVE-2026-6645

The CVE-2026-6645 vulnerability affects the PaperCut Print Deploy Client for Windows, specifically the pc-printer-updater.exe component. The issue arises when the application performs an internal validation by invoking a secondary system utility without an absolute path, relying on the OS search ...

7.3CVSS6.1AI score0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.10 views

PT-2026-51274

Name of the Vulnerable Software and Affected Versions PaperCut Print Deploy Client for Windows affected versions not specified Description An insecure process execution issue exists in the pc-printer-updater.exe component. The application operates with high-level system privileges and performs an...

7.3CVSS6.1AI score0.00136EPSS
Exploits0References5
NVD
NVD
added 2026/06/19 3:16 p.m.12 views

CVE-2020-37252

Realtek Audio Service 1.0.0.55 contains an unquoted service path vulnerability in RtkAudioService64.exe that allows local attackers to escalate privileges by injecting malicious code. Attackers can place executable files in the unquoted service path directory to execute arbitrary code with...

8.5CVSS0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 3:16 p.m.11 views

CVE-2025-71326

AVAST Antivirus 25.11 contains an unquoted service path vulnerability in the SecureLine service that allows local non-privileged users to execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that...

8.5CVSS0.00127EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 3:16 p.m.12 views

CVE-2016-20092

NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2ServiceNetdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that will be executed during service startup or...

8.5CVSS0.0012EPSS
Exploits0References4
Rows per page
Query Builder