Lucene search
K

1040 matches found

OSV
OSV
added 2026/03/05 3:16 p.m.8 views

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

7.1CVSS5.9AI score0.00179EPSS
Exploits0References4
NVD
NVD
added 2026/03/05 3:16 p.m.9 views

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

7.8CVSS0.00179EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/05 2:15 p.m.5 views

CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

8.5CVSS5.9AI score0.00179EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/05 2:15 p.m.3 views

CVE-2026-27750 Avira Internet Security Optimizer TOCTOU

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

8.5CVSS5.8AI score0.00102EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/05 2:15 p.m.32 views

CVE-2026-27750 Avira Internet Security Optimizer TOCTOU

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

7.8CVSS0.00102EPSS
Exploits0References3
CVE
CVE
added 2026/03/05 2:15 p.m.28 views

CVE-2026-27750

Avira Internet Security is affected by a TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and later deletes them in a separate cleanup phase without revalidating the target path. An local attacker could ...

8.5CVSS6AI score0.00102EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/05 2:15 p.m.8 views

CVE-2026-27750

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

8.5CVSS6AI score0.00102EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.8 views

Avira Internet Security 安全漏洞

Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability. This vulnerability stems from an improper link parsing issue in the Software Updater component. It could allow local attackers to delete any file,...

8.5CVSS7.5AI score0.00179EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

Avira Internet Security 安全漏洞

Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability, which stems from a race condition in the Optimizer component. This vulnerability could allow local attackers to delete protected files or directories...

8.5CVSS5.8AI score0.00102EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/03 1:17 p.m.4 views

CVE-2026-3344 WatchGuard Firebox System Integrity Check Bypass

A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package.This issue affects Fireware OS 12.0 up to and including 12.11.7, 12.5.9 up to and including...

6.9CVSS5.9AI score0.00258EPSS
Exploits0References1
CVE
CVE
added 2026/03/03 1:17 p.m.17 views

CVE-2026-3344

Watching WatchGuard Fireware OS has a vulnerability (CVE-2026-3344) that allows bypassing the filesystem integrity check and maintaining limited persistence via a maliciously-crafted firmware update package. Affected versions are: Fireware OS 12.0–12.11.7, 12.5.9–12.5.16, and 2025.1–2026.1.1. The...

6.9CVSS5.9AI score0.00258EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.7 views

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software developed by the American company WatchGuard, running on Firebox devices. Vulnerabilities exist in versions 12.0 to 12.11.7, 12.5.9 to 12.5.16, and 2025.1 to 2026.1.1 of WatchGuard Fireware OS. These vulnerabilities stem from a potential flaw that allows...

6.9CVSS5.8AI score0.00258EPSS
Exploits0References2
Redos
Redos
added 2026/02/20 12:0 a.m.6 views

ROS-20260220-73-0015

A vulnerability in the net/sched/schhfsc.c component of the Linux operating system kernel is related to incomplete clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial o...

5.5CVSS7.2AI score0.00151EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.13 views

PT-2026-7586

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability...

7.1CVSS5.5AI score0.00101EPSS
Exploits0References2
Redos
Redos
added 2026/01/19 12:0 a.m.6 views

ROS-20260119-7363

A vulnerability in the cacheinfo component of the Linux operating system kernel is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

7.8CVSS8.1AI score0.00257EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/16 2:23 p.m.3 views

CVE-2026-22910

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system...

9.1CVSS6.8AI score0.00436EPSS
Exploits0References1
NVD
NVD
added 2026/01/15 1:16 p.m.8 views

CVE-2026-22908

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality...

9.1CVSS0.00541EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/15 1:2 p.m.10 views

EUVD-2026-2809

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system...

7.5CVSS6.3AI score0.00436EPSS
Exploits0References7
CVE
CVE
added 2026/01/15 1:2 p.m.15 views

CVE-2026-22910

The connected Red Hat and SICK PSIRT entries corroborate CVE-2026-22910 affecting SICK TDC-X401GL devices, where the vulnerability arises from weak, publicly known default passwords on certain hidden user levels. The issue is described as enabling unauthorized access and compromising confidential...

9.1CVSS6.4AI score0.00436EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/01/15 1:0 p.m.5 views

EUVD-2026-2823

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality...

9.1CVSS6.7AI score0.00541EPSS
Exploits0References7
Rows per page
Query Builder