CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2021/10/14 12:0 a.m.•2 views

Trend Micro Apex One 代码问题漏洞

7.8CVSS7.8AI score0.00442EPSS

Exploits0References5

OSV•added 2021/05/07 7:31 p.m.•2 views

CVE-2021-27574

An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...

8.1CVSS7.5AI score

Exploits0References2

Prion•added 2021/05/07 7:31 p.m.•21 views

Design/Logic Flaw

6.8CVSS8AI score0.01078EPSS

Exploits1References2Affected Software1

0day.today•added 2021/04/05 12:0 a.m.•15 views

Rockstar Service - Insecure File Permissions Vulnerability

Exploit Title: Rockstar Service - Insecure File Permissions Exploit Author: George Tsimpidas Software Link : https://socialclub.rockstargames.com/rockstar-games-launcher Version Patch: 1.0.37.349 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Vulnerability Description:...

Exploit DB•added 2021/04/05 12:0 a.m.•329 views

Rockstar Service - Insecure File Permissions

Exploit Title: Rockstar Service - Insecure File Permissions Date: 2020-04-02 Exploit Author: George Tsimpidas Software Link : https://socialclub.rockstargames.com/rockstar-games-launcher Version Patch: 1.0.37.349 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Vulnerability...

OSV•added 2021/03/04 7:15 a.m.•1 views

CVE-2019-18629

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a...

8.1CVSS5.8AI score0.01017EPSS

Exploits0References2

0day.today•added 2020/10/15 12:0 a.m.•16 views

Guild Wars 2 - Insecure Folder Permissions Vulnerability

Exploit Title: Guild Wars 2 - Insecure Folder Permissions Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild Wars 2 Launcher...

Packet Storm•added 2020/10/14 12:0 a.m.•328 views

Guild Wars 2 Insecure Folder Permissions

Exploit Title: Guild Wars 2 - Insecure Folder Permissions Date: 2020-10-09 Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild War...

Prion•added 2020/08/11 6:15 p.m.•11 views

Hardcoded credentials

The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the...

4.4CVSS7.8AI score0.00376EPSS

Exploits0References1Affected Software2

ICS•added 2020/07/30 12:0 a.m.•444 views

ICSA-20-212-02_Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Multiple Factory Automation Engineering Software products Vulnerability: Permission Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...

9.8CVSS9.3AI score0.00827EPSS

Exploits0References2

CNVD•added 2020/06/10 12:0 a.m.•8 views

Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability

Microsoft OpenSSH is a set of connection tools for secure access to remote computers from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft OpenSSH for Windows, which arises from the program not properly restricting access to configuration settings, and can be exploited b...

7.8CVSS8.6AI score0.03158EPSS

Prion•added 2019/12/19 1:15 a.m.•11 views

Remote code execution

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution...

4.6CVSS7.7AI score0.00462EPSS

Exploits0References1Affected Software2

CNVD•added 2019/12/19 12:0 a.m.•2 views

SonicWall SonicOS SSLVPN NACagent Code Issue Vulnerability

SonicWall SonicOS SSLVPN NACagent is a VPN Virtual Private Network client application from SonicWall USA. A code issue vulnerability exists in SonicOS SSLVPN NACagent version 3.5 Windows. An attacker can exploit this vulnerability to execute code with the help of a malicious binary...

7.8CVSS7.3AI score0.00462EPSS

Microsoft CVE•added 2019/08/13 7:0 a.m.•36 views

LNK Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user...

9.3CVSS4.8AI score0.03766EPSS

OSV•added 2019/07/31 5:15 p.m.•15 views

CVE-2019-5020

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...

5.5CVSS6.6AI score