CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

CVE-2026-9560

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel...

9.4CVSS5.9AI score0.00056EPSS

Exploits0References1

Tenable Nessus•added 2026/05/29 12:0 a.m.•15 views

OpenVPN Connect 3.5.1 < 3.8.2 Privilege Escalation (macOS)

The version of OpenVPN Connect installed on the remote macOS host is 3.5.1 through 3.8.1. It is, therefore, affected by a privilege escalation vulnerability: - Privilege escalation via the background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary...

9.4CVSS6.1AI score0.00056EPSS

Exploits0References2

Cvelist•added 2026/05/27 2:29 p.m.•37 views

CVE-2026-42184 Tauri: Origin Confusion Allows Remote Pages to Invoke Local-Only IPC Commands

Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's islocalurl function causes it to incorrectly classify remote URLs as trusted local origins on Windows and Android. On these systems, Tauri maps custom URI scheme protocols to...

6.1CVSS0.00041EPSS

Exploits1References1

Vulnrichment•added 2026/05/26 5:39 p.m.•7 views

CVE-2026-9560

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel...

9.4CVSS6.1AI score0.00056EPSS

Exploits0References1

OSV•added 2026/05/06 4:58 p.m.•6 views

GHSA-7GMJ-67G7-PHM9 Tauri has an Origin Confusion Issue that Allows Remote Pages to Invoke Local-Only IPC Commands

Summary A flaw in Tauri's islocalurl function causes it to incorrectly classify remote URLs as trusted local origins on Windows and Android. On these systems, Tauri maps custom URI scheme protocols to http://.localhost/ because those platforms' WebView implementations cannot serve custom URI...

6.1CVSS5.8AI score0.00041EPSS

Exploits1References2

Github Security Blog•added 2026/05/06 4:58 p.m.•4 views

Tauri has an Origin Confusion Issue that Allows Remote Pages to Invoke Local-Only IPC Commands

8.8CVSS5.8AI score0.00041EPSS

Exploits1References2Affected Software1

RedhatCVE•added 2026/04/25 7:22 a.m.•1 views

CVE-2026-28525

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoosemultipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing...

8.2CVSS5.9AI score0.00098EPSS

Exploits0References1

EUVD•added 2026/04/23 9:31 p.m.•3 views

EUVD-2026-25307

8.2CVSS6AI score0.00098EPSS

Exploits0References3

Cvelist•added 2026/04/23 8:59 p.m.•29 views

CVE-2026-28525 SWUpdate Integer Underflow in Multipart Upload Parser

8.2CVSS0.00098EPSS

Exploits0References2

NVD•added 2026/03/30 8:16 p.m.•2 views

CVE-2026-21711

A flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket UDS server operations without the required permission checks, while all comparable network paths correctly enforce them. As a result, code running under --permission without --allow-net can create and expose local IP...

5.3CVSS0.00004EPSS

Exploits0References1

ATTACKERKB•added 2026/03/30 7:7 p.m.•1 views

CVE-2026-21711

5.3CVSS5.8AI score0.00004EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/03/30 7:7 p.m.•3 views

CVE-2026-21711

5.3CVSS6.4AI score0.00004EPSS

Exploits0References1

NVD•added 2021/12/06 10:15 p.m.•9 views

CVE-2021-44677

An issue 1 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

9.8CVSS0.00656EPSS

Exploits0References2

NVD•added 2021/12/06 10:15 p.m.•12 views

CVE-2021-44679

An issue 3 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

9.8CVSS0.00656EPSS

Exploits0References2

OSV•added 2021/12/06 10:15 p.m.•1 views

CVE-2021-44679

9.8CVSS5.8AI score0.00656EPSS

Exploits0References2

Cvelist•added 2021/12/06 9:56 p.m.•11 views

CVE-2021-44680

An issue 4 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

9.8CVSS9.6AI score0.00656EPSS

Exploits0References2

CNNVD•added 2021/12/06 12:0 a.m.•3 views

Veritas Enterprise Vault 代码问题漏洞

Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and prior versions where the Enterprise Vault application starts multiple services that listen for commands from the...

9.8CVSS5.8AI score0.00496EPSS

Exploits0References5

CNNVD•added 2021/12/06 12:0 a.m.•2 views

Veritas Enterprise Vault 代码问题漏洞

9.8CVSS5.8AI score0.00656EPSS

Exploits0References5

Prion•added 2008/10/10 10:30 a.m.•14 views

Heap overflow

Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd Networking component in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors...

7.2CVSS8.1AI score0.00068EPSS

Exploits0References8Affected Software2

Cvelist•added 2008/10/10 10:0 a.m.•19 views

CVE-2008-3645

7.6AI score0.00068EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by