Lucene search
K

443 matches found

OSV
OSV
added 2025/05/29 3:15 p.m.5 views

CVE-2025-5334

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal information. Under specific circumstances, entries may be unintentionally moved from us...

7.5CVSS5.7AI score0.00484EPSS
Exploits0References1
Mozilla
Mozilla
added 2025/05/27 12:0 a.m.17 views

Security Vulnerabilities fixed in Firefox ESR 115.24 — Mozilla

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...

5.4CVSS6.6AI score0.00513EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:31 a.m.6 views

CVE-2024-5198

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt...

3.3CVSS6.7AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:39 a.m.21 views

CVE-2023-0975

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

8.2CVSS6.6AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:37 a.m.7 views

CVE-2023-28714

Improper access control in firmware for some IntelR PROSet/Wireless WiFi software for Windows before version 22.220 HF Hot Fix may allow a privileged user to potentially enable escalation of privilege via local access...

8.2CVSS7.2AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:35 a.m.8 views

CVE-2023-28123

A permission misconfiguration in UI Desktop for Windows Version 0.59.1.71 and earlier could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later...

5.5CVSS6.8AI score0.00163EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:8 a.m.9 views

CVE-2023-47113

BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.4.2 is vulnerable to a DLL Hijacking vulnerability. By placing a DLL in the Folder c:\DLLs, an attacker can run arbitrary code on every execution of BleachBit for Windows. This issue has been...

7.3CVSS7.5AI score0.00247EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:13 p.m.7 views

CVE-2022-3761

OpenVPN Connect versions before 3.4.0.4506 macOS and OpenVPN Connect before 3.4.0.3100 Windows allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials...

5.9CVSS6.8AI score0.00704EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:35 p.m.6 views

CVE-2021-3341

A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host file system via an HTTP request...

7.5CVSS6.9AI score0.0128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:42 p.m.6 views

CVE-2020-8469

Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation...

7.8CVSS7AI score0.00455EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/20 12:0 a.m.6 views

Mozilla Firefox ESR Security Update (mfsa_2025-37) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

9.8CVSS8.2AI score0.08917EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/05/15 6:22 a.m.8 views

CVE-2025-27523 XXE vulnerability in JP1/IT Desktop Management 2 - Smart Device Manager

XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06...

8.7CVSS7AI score0.00321EPSS
Exploits0References1
CVE
CVE
added 2025/05/13 9:1 p.m.32 views

CVE-2025-20046

The CVE-2025-20046 entry applies to Intel® PROSet/Wireless WiFi Software for Windows prior to version 23.100. The root cause is a use-after-free condition in the wireless software that can allow an unauthenticated adjacent user to potentially cause a denial of service. Affected products listed in...

8CVSS7.4AI score0.00185EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.17 views

Google Chrome Security Update (stable-channel-update-for-desktop-2025-05) - Windows

Google Chrome is prone to an use after free vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

8.8CVSS7AI score0.00493EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/04/30 12:0 a.m.9 views

Mozilla Thunderbird ESR Security Update (mfsa_2025-32) - Windows

Mozilla Thunderbird ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.1CVSS8AI score0.00538EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/04/23 12:0 a.m.18 views

7-Zip Multiple Vulnerabilities (Apr 2025) - Windows

7zip is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:7-zip:7-zip"; ifdescription...

3.3CVSS4.4AI score0.00199EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/04/17 5:3 p.m.26 views

CVE-2025-32780

BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.6.2 is vulnerable to a DLL Hijacking vulnerability. By placing a malicious DLL with the name uuid.dll in the folder C:\Users\AppData\Local\Microsoft\WindowsApps, an attacker can execute...

7.3CVSS7.7AI score0.00214EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/04/02 12:0 a.m.11 views

Mozilla Firefox ESR Security Update (mfsa_2025-22) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

8.1CVSS7.2AI score0.00824EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/28 6:50 p.m.16 views

CVE-2025-2600

Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use the ELEVATEDPASSWORD variable even though not allowed by the "Allow password in variable policy". This issue affects Remote Desktop Manager versions from 2025.1.24...

6.8CVSS6.7AI score0.00384EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/03/26 12:0 a.m.20 views

Google Chrome Security Update (stable-channel-update-for-desktop_25-2025-03) - Windows

Google Chrome is prone to a sandbox escape vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

8.3CVSS8.4AI score0.08404EPSS
Exploits6References3
Rows per page
Query Builder