Lucene search
K

473 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:28 p.m.16 views

CVE-2020-29658

Zoho ManageEngine Application Control Plus before 100523 has an insecure SSL configuration setting for Nginx, leading to Privilege Escalation...

9.8CVSS7AI score0.03699EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:10 a.m.6 views

CVE-2018-10381

TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "OpenVPNConnect"...

10CVSS7.8AI score0.03701EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:55 a.m.10 views

CVE-2019-1167

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'...

4.1CVSS6.8AI score0.011EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:39 a.m.6 views

CVE-2019-0733

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'...

5.3CVSS6.7AI score0.01178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:37 a.m.8 views

CVE-2019-0330

The OS Command Plugin in the transaction GPAADMIN and the OSCommand Console of SAP Diagnostic Agent LM-Service, version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...

9.1CVSS7.1AI score0.02168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:3 a.m.8 views

CVE-2010-2824

Unspecified vulnerability on the Cisco Application Control Engine ACE Module with software A21.x before A21.6, A22.x before A22.3, and A23.x before A23.1 for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service device reload via a sequence of...

7.8CVSS6.9AI score0.01763EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:2 a.m.7 views

CVE-2010-2822

Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine ACE Module with software before A23.2 for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine ACE 4710 appliance with software before A32.6, allows remote...

7.8CVSS7AI score0.01763EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:30 a.m.13 views

CVE-2016-1715

The swin.sys kernel driver in McAfee Application Control MAC 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service memory corruption and system crash or...

6.6CVSS7AI score0.02314EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:42 a.m.8 views

CVE-2012-4593

McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command...

5CVSS7.1AI score0.00988EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:45 a.m.7 views

CVE-2010-2825

Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine ACE Module with software A21.x before A21.6, A22.x before A22.3, and A23.x before A23.1 for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine ACE 4710...

7.8CVSS7AI score0.01205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:36 p.m.11 views

CVE-2009-0615

Directory traversal vulnerability in Cisco Application Networking Manager ANM before 2.0 and Application Control Engine ACE Device Manager before A32.1 allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions."...

9CVSS6.6AI score0.02035EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/10 5:38 p.m.19 views

CVE-2025-26678

Improper access control in Windows Defender Application Control WDAC allows an unauthorized attacker to bypass a security feature locally...

8.4CVSS6.7AI score0.00476EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/04/10 12:0 a.m.5 views

The vulnerability of Windows Defender Application Control (WDAC) in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of Windows Defender Application Control WDAC on Windows operating systems is related to errors in access control. Exploiting this vulnerability can allow a hacker to bypass existing security restrictions...

8.4CVSS7.6AI score0.00476EPSS
Exploits0References3
OSV
OSV
added 2025/04/08 6:15 p.m.3 views

CVE-2025-26678

Improper access control in Windows Defender Application Control WDAC allows an unauthorized attacker to bypass a security feature locally...

8.4CVSS5.8AI score0.00476EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/08 5:23 p.m.20 views

CVE-2025-26678 Windows Defender Application Control Security Feature Bypass Vulnerability

...

8.4CVSS7.2AI score0.00476EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.20 views

Windows Defender Application Control Security Feature Bypass Vulnerability

Improper access control in Windows Defender Application Control WDAC allows an unauthorized attacker to bypass a security feature locally...

8.4CVSS6.9AI score0.00476EPSS
Exploits0
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

Microsoft Windows Defender Application Control(WDAC) 访问控制错误漏洞

Microsoft Windows Defender Application Control WDAC is a security tool from Microsoft Corporation USA that restricts the operation of programs at the software level by configuring policies to reduce the scope of what hackers can attack. An access control error vulnerability exists in Microsoft...

8.4CVSS8.1AI score0.00476EPSS
Exploits0References2
NVD
NVD
added 2025/03/12 10:15 a.m.13 views

CVE-2025-21848

In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfpappctrlmsgalloc Add check for the return value of nfpappctrlmsgalloc in nfpbpfcmsgalloc to prevent null pointer dereference...

5.5CVSS0.0021EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/02/06 4:42 a.m.13 views

CVE-2021-31833

Potential product security bypass vulnerability in McAfee Application and Change Control MACC prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by...

7.8CVSS6.8AI score0.00251EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:2 p.m.5 views

CVE-2024-25102

This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this...

7.8CVSS6.7AI score0.00133EPSS
Exploits0References1
Rows per page
Query Builder