Lucene search
K

396 matches found

NVD
NVD
added 3 days ago8 views

CVE-2026-21040

Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs...

6.9CVSS0.00099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-21052

Path traversal in SemClipboardService prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system privilege...

6.8CVSS5.9AI score0.00131EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-21043

Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege...

6.7CVSS5.9AI score0.00129EPSS
Exploits0References2
CVE
CVE
added 3 days ago8 views

CVE-2026-21040

CVE-2026-21040 affects IAFDService; the root cause is improper access control that allows local privileged attackers to use the privileged APIs prior to SMR Jul-2026 Release 1. Documented impact includes access to high-privilege APIs with local execution, and no exploitation or remediation steps ...

6.9CVSS5.9AI score0.00099EPSS
Exploits0References1
NVD
NVD
added 2026/07/03 1:17 p.m.7 views

CVE-2026-44268

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect permission Assignment for critical resource vulnerability. A hi...

4.4CVSS0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/03 12:58 p.m.36 views

CVE-2026-46468

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access 'Link following' vulnerabilit...

4.4CVSS0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/12 9:38 a.m.10 views

CVE-2026-47166

A flaw was found in ImageMagick, a widely used software for image editing. An attacker with high privileges and local access could exploit a vulnerability in the magick -distribute-cache service. By causing a heap buffer over-read, this could lead to the disclosure of sensitive information and...

6CVSS5.3AI score0.00093EPSS
Exploits0References4
NVD
NVD
added 2026/06/11 4:16 p.m.13 views

CVE-2024-45636

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.4CVSS0.00094EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 3:10 p.m.13 views

CVE-2024-45636 IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.1CVSS5.4AI score0.00094EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 3:10 p.m.35 views

CVE-2024-45636 IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.1CVSS0.00094EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 3:10 p.m.30 views

CVE-2024-45636

The CVE-2024-45636 entry concerns IBM Security QRadar EDR. Affected: QRadar EDR 3.12–3.12.24. Issue: credentials are stored in plaintext, readable by a local privileged user (CWE-256). Impact: potential exposure of sensitive credentials on the host; CVSS v3.1 base score 4.1 (L, H, N) with Local a...

4.4CVSS5.4AI score0.00094EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/11 3:10 p.m.11 views

EUVD-2024-55619

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.1CVSS5.4AI score0.00094EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.15 views

PT-2026-48669

Name of the Vulnerable Software and Affected Versions IBM Security QRadar EDR versions 3.12 through 3.12.24 Description User credentials are stored in plain text, which allows a local privileged user to read this sensitive information. Recommendations At the moment, there is no information about ...

4.4CVSS5.8AI score0.00094EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.19 views

IBM Security QRadar EDR 安全漏洞

IBM Security QRadar EDR is a terminal detection and response software developed by the American multinational company IBM. There are security vulnerabilities in versions 3.12 to 3.12.24 of IBM Security QRadar EDR. These vulnerabilities stem from the storage of user credentials in plain text, whic...

4.4CVSS5.3AI score0.00094EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 8:50 a.m.9 views

Security Bulletin: IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.

Summary IBM Security QRadar EDR Software is affected by a vulnerability where user credentials are stored in plain text, which could allow a local privileged user to access sensitive credential information. This vulnerability has been addressed in version 3.12.25. Vulnerability Details...

4.4CVSS5.7AI score0.00094EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/21 7:34 a.m.10 views

CVE-2026-44069 Integer underflow in volxlate

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...

3.9CVSS5.8AI score0.00094EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.10 views

CVE-2026-44069

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...

3.9CVSS5.8AI score0.00094EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A flaw was discovered in the XFRM subsystem of the Linux kernel. The specific flaw occurs during the processing of state filters, which can lead to a read beyond the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially...

4.4CVSS6.6AI score0.00417EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c within the Linux kernel. This flaw allows a local attacker with special user privileges CAPSYSADMIN or CAPSYSRAWIO to cause confidentiality issues...

4.9CVSS6.7AI score0.00416EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A flaw was discovered in the Netfilter subsystem of the Linux kernel. The xtu32 module failed to validate the fields within the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value that exceeds the bounds of the...

6.7CVSS6.4AI score0.00397EPSS
Exploits0References2
Rows per page
Query Builder