Lucene search
+L

900 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:13 a.m.10 views

CVE-2023-7270

An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed. The SoftMaker Office and FreeOffice MSI installer files were found to produce a visible conhost.exe window running a...

5.3CVSS6.8AI score0.00322EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:48 a.m.10 views

CVE-2022-24767

GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account...

7.8CVSS6.8AI score0.01403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:35 p.m.4 views

CVE-2022-20317

In SystemUI, there is a possible way to unexpectedly enable the external speaker due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Androi...

5.5CVSS5.5AI score0.00115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.9 views

CVE-2021-21448

SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on th...

6.5CVSS6.6AI score0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:10 p.m.10 views

CVE-2021-27406

An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into initializing a new open-VPN instance with arbitrary open-VPN configuration. This could result in t...

8.8CVSS6.9AI score0.00921EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:36 p.m.6 views

CVE-2021-29452

a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make th...

8.1CVSS7.1AI score0.00781EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.9 views

CVE-2020-6239

Under certain conditions SAP Business One Backup service, versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure...

4.4CVSS6.9AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:19 p.m.9 views

CVE-2018-14996

The Oppo F5 Android device with a build fingerprint of OPPO/CPH1723/CPH1723:7.1.1/N6F26Q/1513597833:user/release-keys contains a pre-installed platform app with a package name of com.dropboxchmod versionCode=1, versionName=1.0 that contains an exported service named...

7.8CVSS7.2AI score0.00518EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:14 p.m.8 views

CVE-2018-10170

NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "nordvpn-service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a...

10CVSS7.8AI score0.0273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.8 views

CVE-2019-15342

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.8CVSS7.1AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.6 views

CVE-2019-15351

The Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...

7.8CVSS7.1AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.10 views

CVE-2019-15388

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service name...

9.3CVSS7AI score0.01066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.12 views

CVE-2019-15348

The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...

7.8CVSS7.1AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.13 views

CVE-2019-15389

The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service named...

9.3CVSS7AI score0.01066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:19 a.m.8 views

CVE-2019-15347

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.8CVSS7.1AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 a.m.8 views

CVE-2019-6145

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...

7.2CVSS7.1AI score0.00665EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:26 a.m.6 views

CVE-2019-13142

The RzSurroundVADStreamingService RzSurroundVADStreamingService.exe in Razer Surround 1.1.63.0 runs as the SYSTEM user using an executable located in %PROGRAMDATA%\Razer\Synapse\Devices\Razer Surround\Driver\. The DACL on this folder allows any user to overwrite contents of files in this folder,...

6.6CVSS6.9AI score0.00288EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:33 a.m.10 views

CVE-2012-4501

Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs...

10CVSS7.2AI score0.07771EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 9:15 a.m.32 views

CVE-2025-20975

Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...

5.5CVSS0.0012EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/24 12:0 a.m.6 views

PT-2025-17857 · Unknown · Codeastro Bus Ticket Booking System

Name of the Vulnerable Software and Affected Versions: Codeastro Bus Ticket Booking System version 1.0 Description: Insecure Direct Object Reference IDOR in Codeastro Bus Ticket Booking System allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can...

8CVSS6.3AI score0.00248EPSS
Exploits1References10
Rows per page
Query Builder