Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/15 10:32 p.m.4 views

CVE-2025-13154

An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges...

6.8CVSS6.5AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/15 12:31 a.m.5 views

EUVD-2025-206290

An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges...

6.8CVSS6AI score0.00118EPSS
Exploits0References2
NVD
NVD
added 2026/01/14 11:15 p.m.6 views

CVE-2025-13154

An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges...

6.8CVSS0.00118EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/14 10:16 p.m.4 views

CVE-2025-13154

An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges...

6.8CVSS6.2AI score0.00118EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/14 10:16 p.m.5 views

CVE-2025-13154

An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges...

6.8CVSS5.6AI score0.00118EPSS
Exploits0References2
CVE
CVE
added 2026/01/14 10:16 p.m.7 views

CVE-2025-13154

CVE-2025-13154 affects Lenovo Vantage SmartPerformanceAddin. Root cause: improper link following enabling an authenticated local user to delete arbitrary files with elevated privileges. Impact: local privilege escalation with high availability impact; base metrics: CVSS v3.1 (AV:L/AC:L/PR:L/UI:N/...

6.8CVSS6.2AI score0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.7 views

PT-2026-2958

Name of the Vulnerable Software and Affected Versions Lenovo Vantage SmartPerformanceAddin versions prior to 1.1.0.1111 Description An improper link following issue exists in the SmartPerformanceAddin for Lenovo Vantage. This allows an authenticated local user to perform arbitrary file deletion...

6.8CVSS5.9AI score0.00118EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/10/13 12:0 a.m.4 views

ASUS Armoury Crate 安全漏洞

ASUS Armoury Crate is a utility software developed by ASUS to centrally control and manage ROG Gamerland and some ASUS gaming products. ASUS Armoury Crate suffers from a link following improper vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

8.5CVSS6.4AI score0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-10406

Malware in sbrugna...

9CVSS8.3AI score0.03795EPSS
Exploits1References11
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.4 views

Trend Micro Security 安全漏洞

Trend Micro Security is an antivirus software from Trend Micro. A security vulnerability exists in Trend Micro Security version 17.8, which stems from improper link following and could lead to local elevation of privilege...

7.8CVSS6.1AI score0.00146EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.5 views

Trend Micro Security 安全漏洞

Trend Micro Security is an antivirus software from Trend Micro. A security vulnerability exists in Trend Micro Security version 17.8, which stems from improper link following and could lead to local elevation of privilege...

7.8CVSS6.1AI score0.00144EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.34 views

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1321)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.7AI score0.03795EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.38 views

EulerOS Virtualization for ARM 64 3.0.1.0 : qemu-kvm (EulerOS-SA-2019-1405)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the...

9CVSS7AI score0.25348EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2018/10/25 12:0 a.m.45 views

EulerOS Virtualization 2.5.1 : qemu-kvm (EulerOS-SA-2018-1321)

According to the version of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest cou...

9CVSS7.8AI score0.03795EPSS
Exploits1References2
Prion
Prion
added 2018/04/26 7:29 p.m.27 views

Input validation

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host...

9CVSS6.7AI score0.03795EPSS
Exploits1References8Affected Software2
CVE
CVE
added 2018/04/26 7:0 p.m.104 views

CVE-2016-9602

CVE-2016-9602 is tied to QEMU (qemu-kvm) built with VirtFS where, before version 2.9, a privileged guest user can trigger an improper link following to access the host filesystem outside the shared folder, potentially escalating privileges on the host. The connected EulerOS advisory confirms this...

9CVSS7AI score0.03795EPSS
Exploits1References8Affected Software1
OpenVAS
OpenVAS
added 2018/02/07 12:0 a.m.40 views

Debian: Security Advisory (DLA-1035-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS8AI score0.04448EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2017/01/17 12:17 p.m.32 views

CVE-2016-9602

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host...

9CVSS4AI score0.03795EPSS
Exploits1References1
Rows per page
Query Builder