CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5048 matches found

ATTACKERKB•added 2022/02/24 3:15 a.m.•4 views

CVE-2022-24680

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and...

7.8CVSS7.4AI score0.00469EPSS

Exploits0References4

ATTACKERKB•added 2022/02/24 3:15 a.m.•5 views

CVE-2022-24679

7.8CVSS7.4AI score0.00469EPSS

Exploits0References4

NVD•added 2022/02/24 3:15 a.m.•26 views

CVE-2022-24680

7.8CVSS0.00469EPSS

Exploits0References3

Prion•added 2022/02/24 3:15 a.m.•17 views

Privilege escalation

7.2CVSS7.9AI score0.00469EPSS

Exploits0References3Affected Software2

Cvelist•added 2022/02/24 2:45 a.m.•23 views

CVE-2022-24679

8.2AI score0.00469EPSS

Exploits0References3

ATTACKERKB•added 2022/02/21 7:58 a.m.•4 views

CVE-2022-25297

This affects the package drogonframework/drogon before 1.7.5. The unsafe handling of file names during upload using HttpFile::save method may enable attackers to write files to arbitrary locations outside the designated target folder...

8.8CVSS7.3AI score0.01867EPSS

Exploits1References4

ATTACKERKB•added 2022/02/18 12:50 p.m.•4 views

CVE-2022-25299

This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mghttpupload method may enable attackers to write files to arbitrary locations outside the designated target folder...

9.8CVSS7.2AI score0.01411EPSS

Exploits1References3

CISA KEV Catalog•added 2022/02/15 12:0 a.m.•42 views

PHPUnit Command Injection Vulnerability

PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI...

9.8CVSS6.7AI score0.99999EPSS

In wildExploits19

NVD•added 2022/02/11 6:15 p.m.•20 views

CVE-2022-0483

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis VSS Doctor Windows before build 53...

7.8CVSS0.00194EPSS

Exploits0References1

Prion•added 2022/02/11 6:15 p.m.•12 views

Privilege escalation

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis VSS Doctor Windows before build 53...

4.6CVSS7.8AI score0.00194EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/02/11 5:40 p.m.•19 views

CVE-2022-0483 Local privilege escalation due to insecure folder permissions

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis VSS Doctor Windows before build 53...

8.1AI score0.00194EPSS

Exploits0References1

CVE•added 2022/02/11 5:40 p.m.•85 views

CVE-2022-0483

CVE-2022-0483 affects Acronis VSS Doctor (Windows) prior to build 53. The vulnerability is a local privilege escalation caused by insecure folder permissions, allowing a low-privileged attacker to gain higher privileges on affected systems. The NVD entry confirms the local attack vector with a CV...

7.8CVSS7.9AI score0.00194EPSS

Exploits0References1Affected Software1

CNNVD•added 2022/02/11 12:0 a.m.•3 views

Acronis VSS Doctor 代码问题漏洞

Acronis VSS Doctor is a diagnostic and repair tool from Acronis Singapore. It is available free of charge to help you quickly identify and effectively repair the most common Volume Shadow Copy Service problems. A security vulnerability exists in versions prior to Acronis VSS Doctor build 53 that...

7.8CVSS7.3AI score0.00194EPSS

Exploits0References2

ATTACKERKB•added 2022/02/11 12:0 a.m.•3 views

CVE-2022-0483

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis VSS Doctor Windows before build 53...

7.8CVSS7.2AI score0.00194EPSS

Exploits0References2

Github Security Blog•added 2022/02/10 8:28 p.m.•45 views

Path Traversal in Eclipse Vert

In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0-milestone1, 4.0.0-milestone2, 4.0.0-milestone3, 4.0.0-milestone4, 4.0.0-milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly processes back slashes on Windows Operating systems, allowing, escape the webroot folder to the...

9.8CVSS2.8AI score0.01977EPSS

Exploits0References10Affected Software1

OSV•added 2022/02/09 11:15 p.m.•2 views

CVE-2021-26613

improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method...

7.5CVSS5.8AI score0.00818EPSS

Exploits0References1

NVD•added 2022/02/09 11:15 p.m.•11 views

CVE-2021-26613

improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method...

8.1CVSS0.00818EPSS

Exploits0References1

Prion•added 2022/02/09 11:15 p.m.•18 views

Input validation

improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method...

5CVSS7.5AI score0.00818EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/02/09 10:5 p.m.•14 views

CVE-2021-26613 tobesoft nexacro arbitrary file creation vulnerability

improper input validation vulnerability in nexacro permits copying file to the startup folder using rename method...

8.1CVSS8.2AI score0.00818EPSS

Exploits0References1

CVE•added 2022/02/09 10:5 p.m.•90 views

CVE-2021-26613

CVE-2021-26613 affects the Nexacro framework. The vulnerability arises from improper input validation in Nexacro that permits copying a file to the startup folder via the rename method. Impact is described in sources as potentially enabling arbitrary file creation or modification in startup-relat...

8.1CVSS7.7AI score0.00818EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by