Lucene search
K

3754 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Forcepoint VPN Client 安全漏洞

Forcepoint VPN Client is an enterprise-level VPN client software developed by the American company Forcepoint. Versions of Forcepoint VPN Client 6.11.3 and earlier contained a security vulnerability. This vulnerability stemmed from an increase in local privileges, which could allow non-managed...

8.5CVSS5.3AI score0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.14 views

PT-2026-45924

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A remote attacker with user privileges can exploit a stack buffer overflow in the bac-deviceobject method to gain full system access as root. A stack buffer...

8.8CVSS6.5AI score0.00456EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/02 8:29 a.m.11 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.7AI score0.00264EPSS
Exploits0References4
NVD
NVD
added 2026/06/01 11:16 p.m.13 views

CVE-2019-25718

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

8.6CVSS0.00118EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:41 p.m.6 views

CVE-2019-25718

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

8.6CVSS5.8AI score0.00118EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/01 9:41 p.m.28 views

CVE-2019-25718 Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

8.6CVSS0.00118EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/01 9:41 p.m.10 views

CVE-2019-25718 Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

8.6CVSS5.8AI score0.00118EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/01 11:12 a.m.75 views

Legacy-TJNULL-OSCP-

HackTheBox: Legacy Writeup An elegant, professional walkthroug...

6.4AI score
Exploits0
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.8 views

Dräger Infinity Explorer C700 安全漏洞

The Dräger Infinity Explorer C700 is an integrated medical-grade monitoring workstation component developed by the German company Dräger. The Dräger Infinity Explorer C700 has a security vulnerability that stems from privilege escalation. This vulnerability could allow attackers to break through...

8.6CVSS5.3AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2026/05/31 12:0 a.m.39 views

RLSA-2026:21745 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...

7.8CVSS6.6AI score0.00514EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2026/05/28 9:40 a.m.12 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.8AI score0.00264EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32278

In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain full access to the service protocol and configuration panel...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 1:50 p.m.13 views

CVE-2024-56462 IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system...

7.2CVSS5.8AI score0.00463EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43685

Name of the Vulnerable Software and Affected Versions IBM QRadar versions 7.5.0 through 7.5.0 UP15 Interim Fix 002 Description A privileged user can upload a malicious backup archive. When this archive is restored, it can be used to gain unauthorized access to the underlying operating system...

8.8CVSS5.4AI score0.00463EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Netis AC1200 安全漏洞

The Netis AC1200 is a series of dual-band wireless broadband routers produced by the Chinese company Netis. The Netis AC1200 Router NC21 V4.0.1.4296 version contains a security vulnerability. This vulnerability stems from the hardcoded root credentials stored in the /etc/shadow.sample file. The...

7.3CVSS5.8AI score0.00301EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.15 views

HP LaserJet Printers Path Traversal (CVE-2010-4107)

The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers...

7.8CVSS6AI score0.1313EPSS
Exploits14References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 1:53 a.m.14 views

Malicious code in credential-verification-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebec51669e1875ebdcbe28040480db123cd5b42e4dbd4229b534a6e07e41b593 [email protected] is a thin wrapper whose only behavior is to download and execute whatever code is currently published at the latest...

6.2AI score
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Dell SmartFabric Storage Software 命令注入漏洞

Dell SmartFabric Storage Software is an independent storage software solution provided by the American company Dell. Versions of Dell SmartFabric Storage Software prior to 1.4.5 contained a command injection vulnerability. This vulnerability stemmed from improper handling of special elements with...

6.7CVSS5.8AI score0.00451EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 10:6 a.m.9 views

MAL-2026-3829 Malicious code in pyenvprep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 963727b60e7fa8536050eb0f4691dc8bec6089567630063305d05ddceb4834cd Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

6.2AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/18 1:57 a.m.18 views

CVE-2026-7373

Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control of a Windows host. When started the metasploitPostgreSQL service would start the postgres.exe child process which would in turn load an OpenSSL configuration file from a stat...

9.3CVSS6AI score0.0017EPSS
Exploits0References1
Rows per page
Query Builder