Lucene search
K

105 matches found

ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-21054

Improper export of android application components in InputSharing prior to version 2.7.01.4 allows local attackers to access sharing data...

6.9CVSS5.9AI score0.00115EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/03 12:15 p.m.10 views

EUVD-2026-41533

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect permission Assignment for critical resource vulnerability. A hi...

4.4CVSS6AI score0.00104EPSS
Exploits0References1
HPE Security Bulletins
HPE Security Bulletins
added 2026/06/25 12:0 a.m.5 views

HPESBHF04959 rev.1 - Certain HPE SimpliVity AMD Servers Using Certain AMD EPYC Processors, AMD-SB-3020: SEV-SNP RMP Initialization Vulnerability, Local Unauthorized Access Vulnerability

Potential Security Impact: Local: Unauthorized Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 325 Gen11 - Prior to SimpliVity Gen11 Support Pack SVTSP 20260417 HPE SimpliVity 325 Gen10 Plus - Prior to SimpliVity Gen10 Support Pack SVTSP 20260417 CVSS Scores:...

6CVSS7.1AI score0.00199EPSS
Exploits0
Rosalinux
Rosalinux
added 2026/05/22 8:59 a.m.19 views

Advisory ROSA-SA-2026-3294

CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of the Linux kernel. A logical error occurs when transitioning a TCP socket to the espintcp mode after writing file data to the receive queue. The kernel processes file...

8.8CVSS6.1AI score0.93235EPSS
Exploits45
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.20 views

TencentOS Server 4: cups (TSSA-2026:0276)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0276 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.8CVSS6.2AI score0.00502EPSS
Exploits4References5
OSV
OSV
added 2026/05/03 9:55 a.m.15 views

OESA-2026-2140 PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API. Security Fixes: PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro,...

8.8CVSS6AI score0.0046EPSS
Exploits10References2
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.12 views

ASUS Business System Control Interface 安全漏洞

ASUS Business System Control Interface is a system control interface developed by ASUS, a Chinese technology company. There is a security vulnerability in the ASUS Business System Control Interface. This vulnerability stems from improper permission allocation, which may allow unauthorized local...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.3 views

Windows Graphics Component Denial of Service Vulnerability

Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally...

6.2CVSS5.8AI score0.0048EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/05 9:59 p.m.29 views

CVE-2026-28485 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or local processes can execute arbitrary browser-context...

8.4CVSS0.00196EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/05 9:59 p.m.3 views

CVE-2026-28485 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or local processes can execute arbitrary browser-context...

8.4CVSS6AI score0.00196EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/05 9:59 p.m.5 views

CVE-2026-28485

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or local processes can execute arbitrary browser-context...

8.4CVSS6.2AI score0.00196EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/04 4:16 p.m.6 views

CVE-2026-22285

Dell Device Management Agent DDMA, versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access...

4.4CVSS5.8AI score
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.9 views

Microsoft Excel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00524EPSS
Exploits0
CVE
CVE
added 2026/01/13 5:57 p.m.25 views

CVE-2026-20939

CVE-2026-20939: Windows File Explorer information disclosure allowing a locally authenticated user to view sensitive data. The issue has a CVSSv3.1 base score of 5.5 (Local, Low attack complexity, Low privileges, Confidentiality impact: High). Microsoft has released fixes in January 2026 security...

5.5CVSS6.1AI score0.00468EPSS
Exploits0References1Affected Software12
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.6 views

Windows Hello Tampering Vulnerability

Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally...

7.7CVSS7AI score0.00498EPSS
Exploits0
Cvelist
Cvelist
added 2025/11/27 10:48 a.m.11 views

CVE-2025-59890

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized code or commands. This security issue has been fixed in the latest version of Galileo which is...

7.3CVSS0.00127EPSS
Exploits0References1
PyPA
PyPA
added 2025/11/26 7:15 p.m.32 views

PYSEC-2025-219

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS5.8AI score0.00195EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/11/26 7:15 p.m.12 views

PYSEC-2025-219

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS5.8AI score0.00195EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/26 12:0 a.m.4 views

CVE-2025-65681

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

6.2AI score0.00195EPSS
Exploits0References3
HPE Security Bulletins
HPE Security Bulletins
added 2025/11/13 12:0 a.m.3 views

HPESBHF04963 rev.2 - Certain HPE SimpliVity servers Using Certain AMD EPYC Processors. AMD-SB-3029: Stale Translation Lookaside Buffer (TLB) Entry Vulnerability, Local Unauthorized Access Vulnerability

Potential Security Impact: Local: Unauthorized Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 325 Gen10 Plus - Prior to HPE SimpliVity Gen10 Support Pack SVTSP 20250630 HPE SimpliVity 325 Gen11 - Prior to HPE SimpliVity Gen11 Support Pack SVTSP 20260116 CVSS...

5.3CVSS6.1AI score0.00096EPSS
Exploits0
Rows per page
Query Builder