Lucene search
+L

547 matches found

cvelist
cvelist
added 2 days ago38 views

CVE-2026-40953 Heap overflow in Secure Access clients

CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...

6.7CVSS0.00073EPSS
Exploits0References1
nvd
nvd
added 2 days ago8 views

CVE-2026-15030

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...

5.6CVSS0.00101EPSS
Exploits0References1
nvd
nvd
added 2 days ago8 views

CVE-2026-13585

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...

8.2CVSS0.00112EPSS
Exploits0References1
cve
cve
added 2 days ago12 views

CVE-2026-15029

The CVE-2026-15029 entry covers an Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager. The vulnerability permits a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests...

8.4CVSS6.2AI score0.00118EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago37 views

CVE-2026-15029

Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protection...

8.4CVSS0.00118EPSS
Exploits0References1
cve
cve
added 2 days ago9 views

CVE-2026-15030

The CVE-2026-15030 entry concerns ASUS components: System Control Interface v3, System Control Interface, and ASUS Business Manager. The weakness is an out-of-bounds read caused by a crafted IOCTL request that bypasses validation, enabling a local administrator to read memory regions beyond the i...

5.6CVSS6.1AI score0.00101EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago36 views

CVE-2026-15030

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...

5.6CVSS0.00101EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago37 views

CVE-2026-13585

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...

8.2CVSS0.00112EPSS
Exploits0References1
cve
cve
added 2 days ago11 views

CVE-2026-13585

The CVE-2026-13585 affects the ASUS System Control Interface (SCI) driver and ASUS Business Manager. The root cause is Allocation of Resources Without Limits and Throttling, leading to potential exposure of sensitive information via crafted IOCTL requests. A local administrator can leverage this ...

8.2CVSS6AI score0.00112EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2 days ago8 views

PT-2026-58873

Name of the Vulnerable Software and Affected Versions ASUS System Control Interface driver affected versions not specified ASUS Business Manager affected versions not specified Description Improper resource allocation without limits or throttling, combined with the failure to remove sensitive...

8.2CVSS6.1AI score0.00112EPSS
Exploits0References9
euvd
euvd
added 2026/07/09 7:19 p.m.8 views

EUVD-2026-42691

A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges. This issue only affects Prisma® Browser on macOS...

5.4CVSS6AI score0.00112EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/30 8:59 a.m.6 views

CVE-2025-7406

Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative local admin privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute...

5.9AI score0.00128EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/22 2:0 a.m.3 views

CVE-2026-8918

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS6AI score0.00224EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/22 2:0 a.m.35 views

CVE-2026-8918

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS0.00224EPSS
Exploits0References1
euvd
euvd
added 2026/06/22 2:0 a.m.9 views

EUVD-2026-38205

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS6AI score0.00224EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/22 12:0 a.m.20 views

PT-2026-51273

Name of the Vulnerable Software and Affected Versions ASUS Armoury Crate affected versions not specified Description A permissive list of allowed inputs allows a local administrator to bypass the validation mechanism. This can lead to arbitrary memory read/write operations or cause a system crash...

7.1CVSS5.9AI score0.00224EPSS
Exploits0References9
euvd
euvd
added 2026/06/10 3:2 a.m.11 views

EUVD-2025-210098

A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...

6.9CVSS5.4AI score0.00259EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.12 views

NETGEAR RAXE450和NETGEAR RAXE500 输入验证错误漏洞

NETGEAR RAXE450 and NETGEAR RAXE500 are wireless routers produced by the American company NETGEAR. Both devices have a vulnerability related to input validation. This vulnerability stems from the possibility of authenticated administrators who are connected to the local network being able to modi...

6.8CVSS5.3AI score0.0018EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:42 p.m.18 views

CVE-2025-61971

A flaw was found in the microcode that manages NBIO registers. A local attacker with administrative privileges could exploit a missing security control, allowing them to alter critical system configurations. This could compromise the integrity of virtual machines protected by Secure Encrypted...

6CVSS5.1AI score0.00116EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/05 7:41 p.m.14 views

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

8.5CVSS6.2AI score0.0013EPSS
Exploits0References1
Rows per page
Query Builder