Lucene search
K

259 matches found

EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข8 views

EUVD-2023-34262

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.004EPSS
Exploits0References1
EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข5 views

EUVD-2025-27421

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00177EPSS
Exploits0References1
Kaspersky
Kaspersky
โ€ขadded 2025/09/18 12:0 a.m.โ€ข6 views

KLA88208 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Bluetooth Service can be exploited remotely to gain privileges. 2. An...

7CVSS7.2AI score0.00298EPSS
Exploits0References15
Cvelist
Cvelist
โ€ขadded 2025/09/15 12:20 p.m.โ€ข11 views

CVE-2025-3025 CCleaner Link Following Local Privilege Escalation Vulnerability

Elevation of Privileges in the cleaning feature of Gen Digital CCleaner version 6.33.11465 on Windows allows a local user to gain SYSTEM privileges via exploiting insecure file delete operations. Reported in CCleaner v. 6.33.11465. This issue affects CCleaner: before 6.36.11508...

7.3CVSS0.00132EPSS
Exploits0References1
Gitee
Gitee
โ€ขadded 2025/09/14 11:1 a.m.โ€ข119 views

windows-privesc-check

It is an offensive tool for Windows privilege escalation checking. The tool, windows-privesc-check, is a standalone executable that runs on Windows systems, attempting to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or access local apps. I...

7.1AI score
Exploits0
NVD
NVD
โ€ขadded 2025/08/14 5:15 p.m.โ€ข5 views

CVE-2025-9043

The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows an attacker with Admin privileges to exploit a vulnerability as classified under CWE-428: Unquoted Search Path or Element. An attacker with write permissions to the root could place a malicious...

6.7CVSS0.00135EPSS
Exploits0References2
Information Security Automation
Information Security Automation
โ€ขadded 2025/08/12 3:47 p.m.โ€ข16 views

August โ€œIn the Trend of VMโ€ (#18): vulnerabilities in Microsoft Windows and SharePoint

August "In the Trend of VM" 18: vulnerabilities in Microsoft Windows and SharePoint. A traditional monthly roundup - this time, it's extremely short. Post on Habr rus Digest on the PT website rus Only two trending vulnerabilities: Remote Code Execution - Microsoft SharePoint Server "ToolShell"...

9.8CVSS7.1AI score0.99979EPSS
Exploits45
BDU FSTEC
BDU FSTEC
โ€ขadded 2025/07/16 12:0 a.m.โ€ข7 views

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7CVSS7.9AI score0.00348EPSS
Exploits0References2
Cvelist
Cvelist
โ€ขadded 2025/06/25 9:25 a.m.โ€ข12 views

CVE-2025-49797

Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the...

8.5CVSS0.00147EPSS
Exploits0References4
CVE
CVE
โ€ขadded 2025/06/16 1:56 p.m.โ€ข35 views

CVE-2025-36632

CVE-2025-36632 affects Tenable Agent on Windows prior to 10.8.5, where a non-administrative user can execute code with SYSTEM privileges. The vulnerability is documented across multiple sources (including Red Hat, NVD, CNVD) as a local privilege escalation in Tenable Agent; Tenable has released v...

7.8CVSS7.2AI score0.0019EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
โ€ขadded 2025/06/15 2:21 p.m.โ€ข7 views

CVE-2025-36633

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation...

8.8CVSS8.4AI score0.00173EPSS
Exploits0References1
Cvelist
Cvelist
โ€ขadded 2025/06/13 2:34 p.m.โ€ข20 views

CVE-2025-36631 Local Privilege Escalation

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege...

8.4CVSS0.00164EPSS
Exploits0References1
Cvelist
Cvelist
โ€ขadded 2025/06/04 12:2 p.m.โ€ข28 views

CVE-2025-48959

Local privilege escalation due to insecure file permissions. The following products are affected: Acronis Cyber Protect Cloud Agent Windows before build 40077...

6.7CVSS0.00109EPSS
Exploits0References1
Cvelist
Cvelist
โ€ขadded 2025/06/03 4:42 p.m.โ€ข49 views

CVE-2025-30167 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...

7.3CVSS0.00154EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
โ€ขadded 2025/06/03 5:40 a.m.โ€ข4 views

Improper file access permission settings in PC Time Tracer

Overview PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below. Incorrect default permissions CWE-276 - CVE-2025-46355 Ruslan Sayfiev and Masahiro Kawada of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

7.3CVSS6.5AI score0.00139EPSS
Exploits0References4
OSV
OSV
โ€ขadded 2025/05/23 4:15 p.m.โ€ข4 views

CVE-2025-24917

In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could stage files in a local directory to run arbitrary code with SYSTEM privileges, potentially leading to local privilege escalation...

7.8CVSS7.7AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/23 8:33 a.m.โ€ข7 views

CVE-2024-50592

An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a race condition in the Elefant Update Service during the repair or update process. When using the repair function, the service queries the server for a lis...

7CVSS7.4AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/23 6:23 a.m.โ€ข10 views

CVE-2024-7980

Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. Chromium security severity: Medium...

7.8CVSS7.2AI score0.00258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/23 3:45 a.m.โ€ข8 views

CVE-2023-31027

NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may lead to escalation of privileges...

8.2CVSS7.4AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/23 1:4 a.m.โ€ข8 views

CVE-2022-37326

Docker Desktop for Windows before 4.6.0 allows attackers to delete or create any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation...

7.8CVSS7AI score0.00295EPSS
Exploits0References1
Rows per page
Query Builder