Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

129 matches found

Cvelist
Cvelistadded 2022/03/08 9:55 p.m.20 views

CVE-2022-26319

An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute...

6.7AI score0.00272EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2021/09/14 12:0 a.m.24 views

(0Day) Parallels Desktop virtio-net Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.2CVSS3.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2021/08/03 12:0 a.m.30 views

(Pwn2Own) Parallels Desktop virtio-gpu Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.2CVSS3.7AI score0.00259EPSS
Exploits0References1
NVD
NVDadded 2021/05/27 11:15 a.m.13 views

CVE-2021-32459

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

6.5CVSS0.0096EPSS
Exploits0References2
OSV
OSVadded 2021/05/27 11:15 a.m.3 views

CVE-2021-32459

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

6.5CVSS6.9AI score0.0096EPSS
Exploits0References2
Prion
Prionadded 2021/05/27 11:15 a.m.17 views

Hardcoded credentials

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

5.5CVSS6.7AI score0.0096EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2021/05/27 10:42 a.m.21 views

CVE-2021-32459

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

6.9AI score0.0096EPSS
Exploits0References2
NVD
NVDadded 2021/04/29 5:15 p.m.10 views

CVE-2021-31431

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

6CVSS0.00448EPSS
Exploits0References2
NVD
NVDadded 2021/04/29 5:15 p.m.13 views

CVE-2021-31430

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

6CVSS0.00448EPSS
Exploits0References2
NVD
NVDadded 2021/04/29 5:15 p.m.15 views

CVE-2021-31429

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

8.2CVSS0.00442EPSS
Exploits0References2
NVD
NVDadded 2021/04/29 5:15 p.m.19 views

CVE-2021-31423

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

6CVSS0.00448EPSS
Exploits0References2
CVE
CVEadded 2021/04/29 4:31 p.m.58 views

CVE-2021-31432

The CVE-2021-31432 issue affects Parallels Desktop 15.1.5-47309 and is tied to the IDE virtual device. The root cause is improper validation of user-supplied data that leads to an out-of-bounds read (read past the end of an allocated buffer). This information disclosure vulnerability requires a l...

6CVSS5.8AI score0.00448EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2021/04/29 4:31 p.m.49 views

CVE-2021-31423

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure (CVE-2021-31423) affects Parallels Desktop 15.1.5-47309. The flaw is in the Toolgate component and stems from failure to properly initialize memory before access, allowing a local attacker who can execute high-privilege code o...

6CVSS5.8AI score0.00448EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2021/04/29 4:31 p.m.17 views

CVE-2021-31423

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

6CVSS6.1AI score0.00448EPSS
Exploits0References2
Cvelist
Cvelistadded 2021/04/29 4:31 p.m.15 views

CVE-2021-31421

This vulnerability allows local attackers to delete arbitrary files on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists...

3.2CVSS6.2AI score0.00405EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiativeadded 2021/04/22 12:0 a.m.28 views

Oracle VirtualBox VMSVGA Numeric Truncation Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS3.8AI score0.00356EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2021/04/22 12:0 a.m.21 views

Oracle VirtualBox LsiLogicSCSI Race Condition Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS3.2AI score0.00687EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2021/04/22 12:0 a.m.32 views

Oracle VirtualBox LsiLogicSCSI Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS3.2AI score0.00687EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2021/04/21 12:0 a.m.40 views

Parallels Desktop IDE Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS2.9AI score0.00448EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2021/04/21 12:0 a.m.44 views

Parallels Desktop Toolgate Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

3.2CVSS2.5AI score0.00405EPSS
Exploits0References1
Rows per page
Query Builder