Lucene search
K

4316 matches found

Intel
Intel
added 2025/11/11 12:0 a.m.7 views

Intel® DSA Software Advisory

Summary: A potential security vulnerability for some Intel® Driver & Support Assistant Intel® DSA software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-30506 Description: Uncontrolled search...

6.7CVSS6.9AI score0.00115EPSS
Exploits0
Intel
Intel
added 2025/11/11 12:0 a.m.6 views

Intel® System Support Utility Advisory

Summary: A potential security vulnerability for the Intel® System Support Utility may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-24842 Description: Uncontrolled search path for the Intel® Syst...

6.7CVSS6.9AI score0.00123EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46454

Name of the Vulnerable Software and Affected Versions Azure Monitor Agent affected versions not specified Description A heap-based buffer overflow exists in Azure Monitor Agent. This allows an unauthorized attacker to execute code locally. Recommendations At the moment, there is no information...

7.3CVSS6.1AI score0.00309EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.4 views

PT-2025-46496

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description A heap-based buffer overflow exists in Microsoft Office Excel. This issue could allow an unauthorized attacker to execute code locally. Recommendations At the moment, there is ...

7.8CVSS6AI score0.00457EPSS
Exploits0References8
NVD
NVD
added 2025/11/06 9:15 p.m.5 views

CVE-2025-12489

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS0.01267EPSS
Exploits0References2
OSV
OSV
added 2025/11/06 9:15 p.m.3 views

CVE-2025-12489

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS7.6AI score
Exploits0References2
NVD
NVD
added 2025/11/04 8:17 p.m.3 views

CVE-2025-23358

NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges...

8.2CVSS0.00235EPSS
Exploits0References3
CVE
CVE
added 2025/11/04 7:47 p.m.16 views

CVE-2025-23358

CVE-2025-23358 affects NVIDIA NVApp for Windows. The vulnerability is a flaw in the NVIDIA NVApp installer that can manipulate a search path element, potentially enabling code execution and privilege escalation on a local attacker’s host. Multiple connected sources confirm the issue and its impac...

8.2CVSS7.2AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/04 7:47 p.m.6 views

CVE-2025-23358

NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges...

8.2CVSS0.00235EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.5 views

PT-2025-44645

Name of the Vulnerable Software and Affected Versions Bizerba Communication Server BCS affected versions not specified Description The Bizerba Communication Server BCS service has an unquoted service path. This occurs when the Windows service's executable path contains spaces but is not enclosed ...

8.8CVSS6.5AI score0.00128EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/10/30 12:12 a.m.14 views

CVE-2025-61161

DLL hijacking vulnerability in Evope Collector 1.1.6.9.0 and related components load the wtsapi32.dll library from an uncontrolled search path C:\ProgramData\Evope. This allows local unprivileged attackers to execute arbitrary code or escalate privileges to SYSTEM by placing a crafted DLL in that...

8.4CVSS7.7AI score0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.4 views

PT-2025-50327

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.13.0 with PutContents API enabled. Description Gogs contains a path traversal vulnerability in the PutContents API, allowing authenticated attackers to overwrite files outside the repository and achieve remote code...

9CVSS8AI score0.7654EPSS
Exploits33References201
OSV
OSV
added 2025/10/27 4:53 p.m.6 views

MGASA-2025-0249 Updated icu packages fix security vulnerability

A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...

7CVSS9.3AI score0.00296EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.5 views

BambuStudio 安全漏洞

BambuStudio is a Bambu Lab open source software that connects BambuLab to other 3D printers. A security vulnerability exists in BambuStudio version 2.1.1.52 and prior versions, which stems from the loading of a web plug-in at application startup without verifying the digital signature or...

6.1CVSS6.9AI score0.00146EPSS
Exploits0References4
CNVD
CNVD
added 2025/10/17 12:0 a.m.4 views

Fortinet FortiClientMAC Resource Management Error Vulnerability

Fortinet FortiClientMAC is a U.S. fly tower Fortinet company based on macOS platform security tools. Fortinet FortiClientMAC has a resource management error vulnerability that stems from improper allocation of critical resource permissions, which can be exploited by an attacker to cause a local...

7.8CVSS7.2AI score0.00118EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.3 views

CVE-2025-58733

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS7.5AI score0.00319EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.4 views

CVE-2025-58736

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS7.5AI score0.00319EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.3 views

CVE-2025-58732

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS7.5AI score0.00433EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.4 views

CVE-2025-58730

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS7.5AI score0.00319EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.6 views

CVE-2025-58734

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS7.5AI score0.00319EPSS
Exploits0References1
Rows per page
Query Builder