Lucene search
K

14 matches found

CVE
CVE
added 2025/10/23 9:2 p.m.14 views

CVE-2025-12100

CVE-2025-12100 affects MongoDB BI Connector ODBC driver versions 1.0.0–1.4.6, due to an incorrectly set default privilege that enables local privilege escalation. The issue is documented across multiple sources (including Red Hat and OSV entries) with the same description. A fix appears in v1.4.7...

8.8CVSS6.6AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2025/10/08 10:15 p.m.6 views

CVE-2025-11535

MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24...

8.8CVSS0.00111EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-33429

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01127EPSS
Exploits1References1
NVD
NVD
added 2025/09/15 4:15 p.m.7 views

CVE-2025-10491

The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 a...

7.8CVSS0.00111EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/15 4:4 p.m.3 views

CVE-2025-10491 MongoDB Windows installation MSI may leave ACLs unset on custom installation directories

The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 a...

7.8CVSS6.5AI score0.00111EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.7 views

PT-2025-37717

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 6.0.25 MongoDB Server versions prior to 7.0.21 MongoDB Server versions prior to 8.0.5 Description: The MongoDB Windows installation MSI may leave Access Control Lists ACLs unset on custom installation...

7.8CVSS6.4AI score0.00111EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/06/20 12:0 a.m.4 views

SAMSUNG Magician PC Software Security Vulnerability

SAMSUNG Magician PC Software is an application from the South Korean company Samsung SAMSUNG. Designed to help manage Samsung SSDs. A security vulnerability exists in SAMSUNG Magician PC Software version 8.0.0. An attacker could exploit the vulnerability to elevate privileges by tampering with...

6.3CVSS6.7AI score0.00142EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/23 9:16 p.m.2 views

CVE-2022-28999

Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe...

8.8CVSS7.5AI score0.01127EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/05/23 8:16 p.m.15 views

CVE-2022-28999

Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe...

9.1AI score0.01127EPSS
Exploits1References1
Kitploit
Kitploit
added 2021/01/27 8:30 p.m.39 views

SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Inst all Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV's, EDR's And Logging Tools

New and improved C Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for...

7.1AI score
Exploits0References4
CNVD
CNVD
added 2018/03/06 12:0 a.m.0 views

Gemalto SafeNet Authentication Service for AD FS Agent Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service for AD FS Agent is a federated authentication service agent from Gemalto USA. A security vulnerability exists in Gemalto SafeNet Authentication Service for AD FS Agent, which stems from the program's use of weak access control lists for installation...

7.8CVSS7AI score0.00405EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/06 12:0 a.m.1 views

Gemalto SafeNet Authentication Service IIS Agent Elevation of Privilege Vulnerability

The Gemalto SafeNet Authentication Service IIS Agent is a Gemalto agent that provides two-factor authentication for systems running Microsoft Internet Information Services IIS including Outlook Web Access, the mail client component. The security vulnerability in the Gemalto SafeNet Authentication...

7.8CVSS6.8AI score0.00405EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/06 12:0 a.m.3 views

Gemalto SafeNet Authentication Service End User Software Tools for Windows Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service End User Software Tools for Windows is a Windows-based SafeNet Authentication Service tool from Gemalto USA. A security vulnerability exists in SafeNet Authentication Service End User Software Tools for Windows that stems from the program's use of weak acces...

7.8CVSS6.8AI score0.00405EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/03/02 10:29 p.m.19 views

CVE-2015-7964

SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module...

7.8CVSS5.5AI score0.00405EPSS
Exploits0References6
Rows per page
Query Builder