CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

790 matches found

Zero Day Initiative•added 2023/09/12 12:0 a.m.•42 views

Microsoft Windows CLFS Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.4CVSS6.2AI score0.05356EPSS

Exploits0References1

Zero Day Initiative•added 2023/09/12 12:0 a.m.•19 views

Microsoft Windows UMPDDrvStrokeAndFillPath Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS6.5AI score0.01229EPSS

Exploits0References1

Prion•added 2023/09/06 5:15 a.m.•17 views

Privilege escalation

Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on...

4.3CVSS7.9AI score0.00392EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/09/06 4:2 a.m.•17 views

CVE-2023-32162 Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability

7.8CVSS7.2AI score0.00392EPSS

Exploits0References1

Zero Day Initiative•added 2023/07/28 12:0 a.m.•29 views

Canonical Ubuntu OverlayFS File System Missing Authorization Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.8CVSS7.2AI score0.15783EPSS

Exploits12References2

Zero Day Initiative•added 2023/07/12 12:0 a.m.•33 views

Microsoft Windows Installer Service Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Windows...

7CVSS7AI score0.00421EPSS

Exploits0References1

OSV•added 2023/06/26 10:15 p.m.•4 views

CVE-2023-34148

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

7.8CVSS7.3AI score0.00234EPSS

Exploits0References2

NVD•added 2023/06/26 10:15 p.m.•31 views

CVE-2023-34147

7.8CVSS7.7AI score0.00234EPSS

Exploits0References2

NVD•added 2023/06/26 10:15 p.m.•23 views

CVE-2023-34146

7.8CVSS7.7AI score0.00234EPSS

Exploits0References2

NVD•added 2023/06/26 10:15 p.m.•15 views

CVE-2023-34144

An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target syst...

7.8CVSS7.7AI score0.00306EPSS

Exploits0References2

NVD•added 2023/06/26 10:15 p.m.•10 views

CVE-2023-32524

Affected versions of Trend Micro Mobile Security Enterprise 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

8.8CVSS9.2AI score0.02573EPSS

Exploits0References2

NVD•added 2023/06/26 10:15 p.m.•13 views

CVE-2023-32525

Trend Micro Mobile Security Enterprise 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit thi...

6.5CVSS6.9AI score0.02038EPSS

Exploits0References2

NVD•added 2023/06/26 10:15 p.m.•11 views

CVE-2023-32522

A path traversal exists in a specific dll of Trend Micro Mobile Security Enterprise 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...

8.1CVSS8.3AI score0.03321EPSS

Exploits1References2

NVD•added 2023/06/26 10:15 p.m.•14 views

CVE-2023-32526

6.5CVSS6.9AI score0.02038EPSS

Exploits0References2

NVD•added 2023/06/26 10:15 p.m.•12 views

CVE-2023-32528

Trend Micro Mobile Security Enterprise 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

8.8CVSS9AI score0.02992EPSS

Exploits0References2

Prion•added 2023/06/26 10:15 p.m.•20 views

Design/Logic Flaw

4CVSS6.9AI score0.02038EPSS

Exploits0References2Affected Software1

Prion•added 2023/06/26 10:15 p.m.•16 views

Design/Logic Flaw

4.3CVSS7.7AI score0.00234EPSS

Exploits0References2Affected Software1

Prion•added 2023/06/26 10:15 p.m.•20 views

Design/Logic Flaw