CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4304 matches found

RedhatCVE•added 2025/03/27 5:49 p.m.•9 views

CVE-2024-58104

A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

7.8CVSS7.1AI score0.00144EPSS

Exploits0References1

ICS•added 2025/03/25 6:0 a.m.•10 views

Rockwell Automation 440G TLS-Z

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take over the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...

7CVSS7.4AI score0.00342EPSS

Exploits0References10

Veracode•added 2025/03/19 4:12 a.m.•5 views

Local Code Execution (LCE)

XPixelGroup BasicSR is vulnerable to local code execution. The vulnerability is due to improper handling of a crafted SLURMNODELIST environment variable when executing "scontrol show hostname", allowing crafted input to influence command execution...

5.3CVSS7.4AI score0.00191EPSS

Exploits0References4Affected Software1

Cvelist•added 2025/03/17 12:23 p.m.•11 views

CVE-2025-2401 Buffer overflow in Immunity Debugger

Buffer overflow vulnerability in Immunity Debugger affecting version 1.85, its exploitation could allow a local attacker to execute arbitrary code, due to the lack of proper boundary checking...

5.4CVSS0.00184EPSS

Exploits0References1

RedhatCVE•added 2025/03/15 7:3 a.m.•5 views

CVE-2024-27763

XPixelGroup BasicSR through 1.4.2 might locally allow code execution in contrived situations where "scontrol show hostname" is executed in the presence of a crafted SLURMNODELIST environment variable...

5.3CVSS7.3AI score0.00191EPSS

Exploits0References1

OSV•added 2025/03/14 4:15 p.m.•2 views

CVE-2023-45588

An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...

7.8CVSS6.1AI score0.00262EPSS

Exploits0References1

Vulnrichment•added 2025/03/14 3:46 p.m.•11 views

CVE-2023-45588

8.2CVSS8.4AI score0.00262EPSS

Exploits0References1

CNNVD•added 2025/03/14 12:0 a.m.•5 views

Fortinet FortiClientMAC 安全漏洞

Fortinet FortiClientMAC is a U.S. fly tower Fortinet company based on macOS platform security tools. A code execution vulnerability exists in Fortinet FortiClientMAC that originates from an external control of a file name or path, which can be exploited by a local attacker to execute arbitrary co...

8.2CVSS7.8AI score0.00262EPSS

Exploits0References3

RedhatCVE•added 2025/03/13 7:37 p.m.•13 views

CVE-2025-21180

Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally...

7.8CVSS8.9AI score0.00888EPSS

Exploits0References3

RedhatCVE•added 2025/03/13 6:42 p.m.•14 views

CVE-2025-26630

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally...

7.8CVSS8AI score0.00916EPSS

Exploits0References3

OSV•added 2025/03/12 3:32 p.m.•0 views

GHSA-86W8-VHW6-Q9QQ XPixelGroup BasicSR Command Injection

5.3CVSS6.3AI score0.00191EPSS

Exploits0References4

NVD•added 2025/03/12 3:15 p.m.•2 views

CVE-2024-27763

5.3CVSS0.00191EPSS

Exploits0References2

Vulnrichment•added 2025/03/12 12:0 a.m.•5 views

CVE-2024-27763

5.7AI score0.00191EPSS

Exploits0References2

CVE•added 2025/03/12 12:0 a.m.•39 views

CVE-2024-27763

CVE-2024-27763 affects XPixelGroup BasicSR up to version 1.4.2. The issue arises from how a crafted SLURM_NODELIST input is handled when running scontrol show hostname, which can locally allow code execution. The CVSS vector indicates a Local attack with Low privileges required and no user intera...

5.3CVSS7.1AI score0.00191EPSS

Exploits0References2

Cvelist•added 2025/03/12 12:0 a.m.•10 views

CVE-2024-27763

0.00191EPSS

Exploits0References2

Krebs on Security•added 2025/03/11 11:53 p.m.•28 views

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993, both vulnerabilities in NTF...

7.8CVSS7.4AI score0.31894EPSS

Exploits9

OSV•added 2025/03/11 5:16 p.m.•2 views

CVE-2025-26630

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00916EPSS

Exploits0References1

OSV•added 2025/03/11 5:16 p.m.•2 views

CVE-2025-26629

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00543EPSS

Exploits0References1