Lucene search
K

983 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/06/10 12:0 a.m.10 views

Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows...

7.8CVSS7.5AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/08 7:17 p.m.21 views

CVE-2025-5474

2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 2BrightSparks SyncBackFree. An attacker must first obtain the ability to execute low-privileged code on the target syst...

7.3CVSS7.5AI score0.00269EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/05 12:0 a.m.6 views

Hewlett Packard Enterprise Insight Remote Support processAttachmentDataStream Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the processAttachmentDataStream...

9.8CVSS7.5AI score0.00617EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/03 12:0 a.m.12 views

2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of 2BrightSparks SyncBackFree. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. User interaction on the part of an...

7.3CVSS7.2AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:32 p.m.6 views

CVE-2021-34996

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS7.6AI score0.82258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:53 p.m.7 views

CVE-2021-34998

This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...

7.8CVSS7.2AI score0.00369EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/05/21 12:0 a.m.10 views

Microsoft PC Manager MSPCManagerService Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft PC Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/11 4:10 p.m.15 views

CVE-2024-9524

Link Following Local Privilege Escalation Vulnerability in System Speedup Service in Avira Operations GmbH Avira Prime Version 1.1.96.2 on Windows 10 x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a...

7.8CVSS7.8AI score0.00184EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient file system context source name checking in virtiofs...

5.5CVSS6.6AI score0.00164EPSS
Exploits0References8
OSV
OSV
added 2025/04/23 5:16 p.m.4 views

CVE-2025-2768

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...

7.8CVSS7.4AI score0.00182EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.6 views

The vulnerability of the smb component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the smb component in the Linux operating system’s kernel is related to improper error handling in the smb3reconfigure function in fs/smb/client/fscontext.c. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References11Affected Software6
Vulnrichment
Vulnrichment
added 2025/02/26 2:12 a.m.4 views

CVE-2022-49408 ext4: fix memory leak in parse_apply_sb_mount_options()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in parseapplysbmountoptions If processing the on-disk mount options fails after any memory was allocated in the ext4fscontext, e.g. sqfnames, then this memory is leaked. Fix this by calling ext4fcfree instea...

5.9AI score0.00243EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 2:47 p.m.11 views

CVE-2020-15419

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.75020200415. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReporterImportLicense class. Due to the improper restriction of...

7.8CVSS6.2AI score0.63787EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 1:21 p.m.8 views

CVE-2020-17389

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS7.4AI score0.10086EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 1:17 p.m.12 views

CVE-2020-8868

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest Foglight Evolve 9.0.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the service user account. The product contains a hard-coded password for thi...

10CVSS7.5AI score0.09471EPSS
Exploits0References1
NVD
NVD
added 2025/01/25 5:15 p.m.8 views

CVE-2025-0543

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in...

8.5CVSS0.00148EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/25 4:17 p.m.3 views

CVE-2025-0543 G DATA Security Client Local privilege escalation

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in...

8.5CVSS8AI score0.00148EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/01/19 12:0 a.m.12 views

Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Faces Mojarra component. The issue results from the use of a vulnerable...

7.5CVSS6.1AI score0.27759EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/01/08 12:0 a.m.7 views

Trend Micro Apex One LogServer Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS7.2AI score0.00466EPSS
Exploits0References1
NVD
NVD
added 2024/12/30 9:15 p.m.15 views

CVE-2024-12753

Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo...

7.3CVSS0.00278EPSS
Exploits0References2
Rows per page
Query Builder