Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.5 views

PT-2026-39231

Name of the Vulnerable Software and Affected Versions External Secrets Operator versions prior to 2.4.1 Description A user with permissions to create ExternalSecret resources can cause the operator to create a Secret that Kubernetes automatically populates with a long-lived token for a specified...

4.9CVSS5.8AI score0.00207EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/01/15 11:25 p.m.2 views

CVE-2021-47790

Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by placing malicious executables in specific directory locations to gain administrative...

8.5CVSS6AI score0.00207EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2026/01/15 12:0 a.m.2 views

PT-2026-3162

Name of the Vulnerable Software and Affected Versions Active WebCam version 11.5 Description The software contains an unquoted service path issue that could allow local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by...

8.5CVSS5.9AI score0.00207EPSS
Exploits1References7
NVD
NVDadded 2026/01/13 11:15 p.m.3 views

CVE-2023-53984

Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing...

8.5CVSS0.00176EPSS
Exploits0References3
Cvelist
Cvelistadded 2022/12/13 2:46 p.m.29 views

CVE-2022-46363 Apache CXF directory listing / code exfiltration

A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes...

7.7AI score0.01193EPSS
Exploits1References1
NVD
NVDadded 2021/11/24 4:15 p.m.11 views

CVE-2021-31822

When Octopus Tentacle is installed on a Linux operating system, the systemd service file permissions are misconfigured. This could lead to a local unprivileged user modifying the contents of the systemd service file to gain privileged access...

7.8CVSS0.00208EPSS
Exploits0References1
CNVD
CNVDadded 2021/10/08 12:0 a.m.15 views

Moxa MXview Improper Access Control Vulnerability

An improper access control vulnerability exists in Moxa MXview, a network management software used to monitor and diagnose industrial networks. The vulnerability stems from the fact that the affected product has a misconfigured service that allows remote connections to internal communication...

10CVSS3.8AI score0.15789EPSS
Exploits0References1
Exploit DB
Exploit DBadded 2016/06/07 12:0 a.m.34 views

League of Legends Screensaver - Unquoted Service Path Privilege Escalation

Exploit Title: League of Legends Screensaver Unquoted Service Paths Conditional Privilege Escalation. CVE-ID: NA Date: 13/04/2016 Exploit Author: Vincent Yiu Contact: [email protected] Vendor Homepage: http://www.leagueoflegends.com Software Link: screensaver.euw.leagueoflegends.com/enUS...

7.4AI score
Exploits0
Rows per page
Query Builder