Lucene search
K

83 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-41533

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect permission Assignment for critical resource vulnerability. A hi...

4.4CVSS6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.20 views

TencentOS Server 4: cups (TSSA-2026:0276)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0276 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.8CVSS6.2AI score0.00502EPSS
Exploits4References5
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.11 views

ASUS Business System Control Interface 安全漏洞

ASUS Business System Control Interface is a system control interface developed by ASUS, a Chinese technology company. There is a security vulnerability in the ASUS Business System Control Interface. This vulnerability stems from improper permission allocation, which may allow unauthorized local...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.3 views

Windows Graphics Component Denial of Service Vulnerability

Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally...

6.2CVSS5.8AI score0.0048EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/05 9:59 p.m.3 views

CVE-2026-28485 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or local processes can execute arbitrary browser-context...

8.4CVSS6AI score0.00196EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/05 9:59 p.m.27 views

CVE-2026-28485 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or local processes can execute arbitrary browser-context...

8.4CVSS0.00196EPSS
Exploits0References3
OSV
OSV
added 2026/03/04 4:16 p.m.5 views

CVE-2026-22285

Dell Device Management Agent DDMA, versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access...

4.4CVSS5.8AI score
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.7 views

Microsoft Excel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00524EPSS
Exploits0
CVE
CVE
added 2026/01/13 5:57 p.m.21 views

CVE-2026-20939

CVE-2026-20939: Windows File Explorer information disclosure allowing a locally authenticated user to view sensitive data. The issue has a CVSSv3.1 base score of 5.5 (Local, Low attack complexity, Low privileges, Confidentiality impact: High). Microsoft has released fixes in January 2026 security...

5.5CVSS6.1AI score0.00468EPSS
Exploits0References1Affected Software12
PyPA
PyPA
added 2025/11/26 7:15 p.m.10 views

PYSEC-2025-219

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS5.8AI score0.00195EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/11/26 7:15 p.m.12 views

PYSEC-2025-219

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

3.3CVSS5.8AI score0.00195EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/26 12:0 a.m.4 views

CVE-2025-65681

An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...

6.2AI score0.00195EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/10/14 2:0 p.m.7 views

Microsoft Office Denial of Service Vulnerability

Uncaught exception in Microsoft Office allows an unauthorized attacker to deny service locally...

5.5CVSS6.8AI score0.00382EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-37353

Malicious code in bioql PyPI...

7.5CVSS6.9AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2025/08/27 2:15 p.m.5 views

CVE-2025-43882

Dell ThinOS 10, versions prior to 250810.0127, contains an Unverified Ownership vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Unauthorized Access...

7.8CVSS0.00119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 3:35 p.m.4 views

CVE-2025-1139

IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they should not have authorization to access due to incorrect permission assignment...

6.1CVSS6.6AI score0.00101EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 3:15 p.m.16 views

CVE-2025-36613

SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access...

7.8CVSS0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 2:46 p.m.11 views

CVE-2025-36613

SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access...

2.8CVSS0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.6 views

PT-2025-33289 · Dell · Dell Supportassist For Business Pcs +1

Name of the Vulnerable Software and Affected Versions: SupportAssist for Home PCs versions prior to 4.6.4 SupportAssist for Business PCs versions prior to 4.5.4 Description: SupportAssist for Home PCs and SupportAssist for Business PCs contain an Incorrect Privilege Assignment issue. A local...

7.8CVSS6.3AI score0.00104EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/08/12 7:0 a.m.4 views

Windows NTFS Information Disclosure Vulnerability

Time-of-check time-of-use toctou race condition in Windows NTFS allows an unauthorized attacker to disclose information locally...

7CVSS6.8AI score0.00354EPSS
Exploits0
Rows per page
Query Builder