Lucene search
K

1541 matches found

Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.12 views

PT-2026-7379

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References2
CVE
CVE
added 2026/02/06 9:49 p.m.282 views

CVE-2026-1731

CVE-2026-1731 affects BeyondTrust Remote Support (RS) and older Privileged Remote Access (PRA). It is a pre-authentication, unauthenticated remote code execution vulnerability exploitable via crafted requests, enabling code execution in the site user context. Technical details across connected do...

9.9CVSS6.6AI score0.86091EPSS
In wildExploits11References5Affected Software2
Zero Day Initiative
Zero Day Initiative
added 2026/02/05 12:0 a.m.6 views

Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from...

6.7CVSS5.9AI score0.00196EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 4:57 p.m.5 views

EUVD-2026-5234

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Reflected Cross-Site Scripting XSS vulnerability allows remote attackers to execute arbitrary JavaScript in the context of authenticated users by crafting malicious URLs and...

4.7CVSS5.8AI score0.0018EPSS
Exploits1References1
NVD
NVD
added 2026/01/23 4:16 a.m.9 views

CVE-2026-0788

ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability. This vulnerability allows remote attackers to execute web requests with a target user's privileges on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

6.1CVSS0.00371EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 4:16 a.m.7 views

CVE-2026-0775

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

7CVSS0.00286EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.7 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004888)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004888 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setupbasectxt setupbasectxt allocates a memory chunk for...

5.5CVSS7AI score0.00208EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004239)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004239 advisory. In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to...

7.8CVSS6.9AI score0.01087EPSS
Exploits2References9
OSV
OSV
added 2026/01/13 7:16 p.m.5 views

CVE-2026-21280

Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that...

8.6CVSS6.3AI score0.00221EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 7:16 p.m.3 views

CVE-2026-21274

Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code...

7.8CVSS6.3AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 7:16 p.m.1 views

CVE-2026-21268

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS6.3AI score0.00212EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 7:16 p.m.10 views

CVE-2026-21268

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS0.00212EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 6:25 p.m.13 views

CVE-2026-21271

Dreamweaver Desktop (Windows/macOS) versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that can lead to arbitrary code execution in the context of the current user when a user opens a malicious file. The issue requires user interaction and has been fixed in newer...

8.6CVSS7.3AI score0.00212EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/13 6:25 p.m.22 views

CVE-2026-21271 Dreamweaver Desktop | Improper Input Validation (CWE-20)

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS0.00212EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/13 6:25 p.m.7 views

CVE-2026-21268 Dreamweaver Desktop | Improper Input Validation (CWE-20)

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS7.3AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.9 views

PT-2026-2768

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

8.6CVSS7.6AI score0.00212EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2026/01/09 12:0 a.m.10 views

(0Day) Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the discordrpc module...

7.3CVSS7.5AI score0.0036EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.14 views

CVE-2019-7941

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...

7.5CVSS6.5AI score0.03121EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993258)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993258 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setupbasectxt setupbasectxt allocates a memory chunk for...

5.5CVSS6.1AI score0.00208EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992507)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992507 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setupbasectxt setupbasectxt allocates a memory chunk for...

5.5CVSS6.1AI score0.00208EPSS
Exploits0References4
Rows per page
Query Builder