Lucene search
+L

1561 matches found

euvd
euvd
added 2 days ago5 views

EUVD-2026-43632

An Improper link resolution before file access 'link following' vulnerability in the File Shredder module as used in Bitdefender Total Security and Internet Security on Windows allows a less-privileged local user to elevate rights by leveraging a race conditions via Symbolic Links. This issue...

7CVSS6.1AI score0.00121EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/07 12:8 p.m.13 views

CVE-2026-49494 Xcitium Client Security / Comodo Internet Security Remote Denial of Service

Xcitium Client Security XCS before 13.8.2.10019 and Comodo Internet Security CIS through 12.3.4.8162 fix expected by 2026 Q3 contain an integer underflow vulnerability in the firewall driver Inspect.sys that allows remote unauthenticated attackers to crash the system by sending a crafted IPv6...

8.7CVSS6.2AI score0.00542EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/07 12:8 p.m.52 views

CVE-2026-49494 Xcitium Client Security / Comodo Internet Security Remote Denial of Service

Xcitium Client Security XCS before 13.8.2.10019 and Comodo Internet Security CIS through 12.3.4.8162 fix expected by 2026 Q3 contain an integer underflow vulnerability in the firewall driver Inspect.sys that allows remote unauthenticated attackers to crash the system by sending a crafted IPv6...

8.7CVSS0.00542EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/06/07 12:0 a.m.13 views

Comodo Internet Security 数字错误漏洞

Comodo Internet Security is a set of computer security software developed by the American company Comodo, primarily aimed at internet security. Comodo Internet Security has a digital error vulnerability; this vulnerability stems from an integer underflow in the IPv6 packet resolver within the...

8.7CVSS5.8AI score0.00542EPSS
Exploits0References3
osv
osv
added 2026/05/27 12:17 p.m.2 views

CVE-2026-45905 xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...

4.7CVSS5.8AI score0.00111EPSS
Exploits0References9
osv
osv
added 2026/05/08 2:22 p.m.2 views

CVE-2026-43467 net/mlx5: Fix crash when moving to switchdev mode

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix crash when moving to switchdev mode When moving to switchdev mode when the device doesn't support IPsec, we try to clean up the IPsec resources anyway which causes the crash below, fix that by correctly checking for...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References7
hackread
hackread
added 2026/04/17 5:44 p.m.8 views

The Race to Quantum-Proof the Internet Has Already Begun

The race to quantum-proof the internet is underway as experts warn of “harvest now, decrypt later” risks and slow migration to post-quantum security...

5.7AI score
Exploits0
redhatcve
redhatcve
added 2026/03/06 2:37 p.m.6 views

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\\ProgramData without validating whether the path resolves through a symbolic link or reparse...

8.5CVSS5.9AI score0.00179EPSS
Exploits0References1
euvd
euvd
added 2026/03/05 3:30 p.m.8 views

EUVD-2026-9820

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

8.5CVSS6AI score0.00179EPSS
Exploits0References5
nvd
nvd
added 2026/03/05 3:16 p.m.14 views

CVE-2026-27750

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

7.8CVSS0.00102EPSS
Exploits0References3
osv
osv
added 2026/03/05 3:16 p.m.10 views

CVE-2026-27750

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

7CVSS5.8AI score0.00102EPSS
Exploits0References4
nvd
nvd
added 2026/03/05 3:16 p.m.10 views

CVE-2026-27749

Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\ProgramData using .NET BinaryFormatter without...

7.8CVSS0.00323EPSS
Exploits0References3
nvd
nvd
added 2026/03/05 3:16 p.m.9 views

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

7.8CVSS0.00179EPSS
Exploits0References3
cvelist
cvelist
added 2026/03/05 2:15 p.m.33 views

CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

7.8CVSS0.00179EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/03/05 2:15 p.m.5 views

CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

8.5CVSS5.9AI score0.00179EPSS
Exploits0References4
cvelist
cvelist
added 2026/03/05 2:15 p.m.41 views

CVE-2026-27749 Avira Internet Security System Speedup Insecure Deserialization

Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\ProgramData using .NET BinaryFormatter without...

7.8CVSS0.00323EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/03/05 2:15 p.m.8 views

CVE-2026-27750

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

8.5CVSS6AI score0.00102EPSS
Exploits0References5
cvelist
cvelist
added 2026/03/05 2:15 p.m.33 views

CVE-2026-27750 Avira Internet Security Optimizer TOCTOU

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

7.8CVSS0.00102EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/03/05 12:0 a.m.10 views

Avira Internet Security 安全漏洞

Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability, which stems from the System Speedup component deserializing unreliable data. This could allow local attackers to execute arbitrary code with SYSTEM...

8.5CVSS7.8AI score0.00323EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/03/05 12:0 a.m.7 views

Avira Internet Security 安全漏洞

Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability, which stems from a race condition in the Optimizer component. This vulnerability could allow local attackers to delete protected files or directories...

8.5CVSS5.8AI score0.00102EPSS
Exploits0References4
Rows per page
Query Builder