Lucene search
K

71 matches found

CVE
CVE
added 2025/05/26 4:31 a.m.87 views

CVE-2025-5169

CVE-2025-5169 affects Open Asset Import Library (Assimp) version 5.4.3. The issue is in MDLImporter::InternReadFile_3DGS_MDL345 inside MDLLoader.cpp and causes an out-of-bounds read. Local access is required. The description notes that the exploit has been disclosed publicly and may be used. Ther...

5.5CVSS4.2AI score0.00208EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 1:56 a.m.8 views

CVE-2023-24523

An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent Start Service - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS...

8.8CVSS6.7AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:53 p.m.10 views

CVE-2020-9258

HUAWEI P30 smartphone with versions earlier than 10.1.0.135C00E135R2P11 have an improper input verification vulnerability. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting malicious fragment...

5.5CVSS6.4AI score0.00222EPSS
Exploits0References1
CVE
CVE
added 2025/05/20 9:31 p.m.65 views

CVE-2025-5001

CVE-2025-5001 affects GNU PSPP (pspp-convert.c: calloc). Root cause: manipulation of the -l argument leads to an integer overflow in calloc. Impact: potential local impact, with availability degraded; confidentiality/integrity not affected per sources. Exploit has been disclosed publicly. Affecte...

5.5CVSS4AI score0.00237EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2025/05/01 2:15 p.m.44 views

CVE-2025-23254

NVIDIA TensorRT-LLM for any platform contains a vulnerability in python executor where an attacker may cause a data validation issue by local access to the TRTLLM server. A successful exploit of this vulnerability may lead to code execution, information disclosure and data tampering...

8.8CVSS0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/12 2:35 a.m.19 views

CVE-2025-29989

Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...

3.1CVSS6.7AI score0.00133EPSS
Exploits0References3
NVD
NVD
added 2025/04/10 3:15 a.m.32 views

CVE-2025-26330

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account...

7CVSS0.00149EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/10 1:55 a.m.6 views

CVE-2025-29989

Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...

3.1CVSS6.4AI score0.00133EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/04/02 10:0 p.m.7 views

CVE-2025-3121

A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jitmodulefromflatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used...

5.5CVSS3.7AI score0.00254EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.6 views

PT-2025-13774 · Pytorch +1 · Pytorch +1

Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A critical issue has been identified, affecting the torch.nn.utils.rnn.pad packed sequence function, which can lead to memory corruption. This issue requires local access to exploit. Recommendations: For...

5.3CVSS5AI score0.00185EPSS
Exploits0References19
CVE
CVE
added 2025/03/28 4:31 p.m.72 views

CVE-2025-2914

CVE-2025-2914 affects HDF5 up to 1.14.6. The vulnerability is in H5FS__sinfo_Srialize_Sct_cb in src/H5FScache.c, where manipulating the sect argument can cause a heap-based buffer overflow. Local access is required, and an exploit has been disclosed. In some advisories, a patched package version ...

4.8CVSS7.3AI score0.00255EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/03/17 6:15 p.m.10 views

CVE-2024-49561

Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.8CVSS0.00163EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-1298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful...

6CVSS6.5AI score0.00217EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.20 views

Linux Distros Unpatched Vulnerability : CVE-2021-4028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a...

7.8CVSS6.8AI score0.00296EPSS
Exploits0References3
NVD
NVD
added 2025/02/20 12:15 p.m.26 views

CVE-2025-21105

Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down t...

7.8CVSS0.00148EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/01/17 12:0 a.m.8 views

Zoom Workplace Desktop App < 6.2.10 DoS (ZSB-25005)

The version of Zoom Workplace Desktop App installed on the remote host is prior to 6.2.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25005 advisory. - Symlink following in the installer for Zoom Workplace app for macOS before 6.2.10 may allow an authenticated user to...

5CVSS5.5AI score0.00225EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.6 views

PT-2025-32537 · Unknown +1 · Nasm Netwide Assember +1

Name of the Vulnerable Software and Affected Versions: NASM Netwide Assember version 2.17rc0 Description: A heap-based buffer overflow exists in the macho no dead strip function within the outmacho.c file. Local access is required for exploitation. The exploit for this issue has been publicly...

5.3CVSS5.3AI score0.00253EPSS
Exploits1References19
CNVD
CNVD
added 2024/12/27 12:0 a.m.10 views

Dell NativeEdge Elevation of Privilege Vulnerability

Dell NativeEdge is a software provided by Dell for managing and configuring network devices. A security vulnerability exists in Dell NativeEdge. An attacker could exploit the vulnerability to locally access the system with low privileges, resulting in elevated privileges...

7.8CVSS7.1AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2024/05/30 9:15 p.m.6 views

AZL-42337 CVE-2024-1298 affecting package hvloader for versions less than 1.0.1-3

EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability...

6CVSS6.7AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.6 views

NVIDIA DGX Buffer Error Vulnerability

NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A buffer error vulnerability exists in NVIDIA DGX A100 Servers, which originates from a heap-based buffer overflow that could be caused by a user via local access...

7.8CVSS7AI score0.00194EPSS
Exploits0References2
Rows per page
Query Builder