CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-4963

Malware in sbrugna...

7.8CVSS7.7AI score0.00029EPSS

Exploits0References2

CVE•added 2025/09/25 11:2 a.m.•10 views

CVE-2025-10941

The CVE-2025-10941 entry concerns Topaz SERVCore Teller versions 2.14.0-RC2/2.14.1, where the vulnerability affects the Installer component (SERVCoreTeller_2.0.40D.msi). The issue is described as a local permission problem in the installer file that could enable a local privilege/permission manip...

8.5CVSS7.4AI score0.00016EPSS

Exploits0References4

NVD•added 2024/10/09 5:15 p.m.•25 views

CVE-2024-9473

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install...

7.8CVSS0.0032EPSS

Exploits1References3

CVE•added 2024/10/09 5:7 p.m.•92 views

CVE-2024-9473

CVE-2024-9473 affects the Palo Alto Networks GlobalProtect App on Windows. The issue is a local privilege escalation via the MSI repair functionality used during installation, allowing a locally authenticated non-admin user to elevate to NT AUTHORITY/SYSTEM. Affected versions are GlobalProtect Ap...

7.8CVSS7.9AI score0.0032EPSS

Exploits1References3Affected Software1

Cvelist•added 2024/10/09 5:7 p.m.•31 views

CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

5.2CVSS0.0032EPSS

Exploits1References2

Vulnrichment•added 2024/10/09 5:7 p.m.•31 views

CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

5.2CVSS7.2AI score0.0032EPSS

Exploits1References2

Microsoft KB•added 2024/07/09 7:0 a.m.•216 views

Description of the security update for Microsoft OLE DB Driver 19 for SQL Server: July 9, 2024

Description of the security update for Microsoft OLE DB Driver 19 for SQL Server: July 9, 2024 Summary This security update resolves a vulnerability. To learn more about the vulnerability, see the following security advisory: CVE-2024-37334 - Microsoft OLE DB Driver for SQL Server Remote Code...

8.8CVSS5.8AI score0.02946EPSS

Exploits0

The Hacker News•added 2024/05/20 5:47 a.m.•13 views

Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...

8.2AI score

Exploits0

Microsoft KB•added 2024/04/09 7:0 a.m.•195 views

Description of the security update for Microsoft ODBC Driver 18 for SQL Server: April 9, 2024

Description of the security update for Microsoft ODBC Driver 18 for SQL Server: April 9, 2024 Summary This security update contains a fix and resolves vulnerabilities. To learn more about the vulnerabilities, see the following security advisories: CVE-2024-28929 - Microsoft ODBC Driver for SQL...

8.8CVSS9.2AI score0.03993EPSS

Exploits0

The Hacker News•added 2023/09/05 12:19 p.m.•40 views

New Python Variant of Chaes Malware Targets Banking and Logistics Industries

Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced...

6.6AI score

Exploits0

OSV•added 2023/07/21 9:15 p.m.•7 views

CVE-2022-46291

Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...

7.8CVSS7.5AI score

Exploits0References2

NVD•added 2023/07/21 9:15 p.m.•15 views

CVE-2022-46291

9.8CVSS9.9AI score0.0022EPSS

Exploits1References2

Prion•added 2023/07/21 9:15 p.m.•21 views

Out-of-bounds

4.4CVSS8.1AI score0.0022EPSS

Exploits1References1Affected Software1

UbuntuCve•added 2023/07/21 9:15 p.m.•17 views

CVE-2022-46291

9.8CVSS7.3AI score0.0022EPSS

Exploits1References2

Cvelist•added 2023/07/21 8:25 p.m.•21 views

CVE-2022-46291

9.8CVSS10AI score0.0022EPSS

Exploits1References1

Vulnrichment•added 2023/07/21 8:25 p.m.•11 views

CVE-2022-46291

9.8CVSS7.6AI score0.0022EPSS

Exploits1References1

Debian CVE•added 2023/07/21 8:25 p.m.•27 views

CVE-2022-46291

9.8CVSS8.9AI score0.0022EPSS

Exploits1

CVE•added 2023/07/21 8:25 p.m.•58 views

CVE-2022-46291

Open Babel 3.1.1 and the master commit 530dbfa3 are affected by multiple out-of-bounds write vulnerabilities in the translationVectors parsing logic across several formats (notably MSI). The vulnerable code paths read lines, tokenize, and increment an index into translationVectors without proper ...

9.8CVSS8.1AI score0.0022EPSS

Exploits1References2Affected Software1

Hacker One•added 2021/10/12 9:15 p.m.•16 views

8x8: Hardcoded AWS credentials in ███████.msi

A hardcoded AWS access token was discovered within an MSI file available for download on the 8x8 site. The researcher was able to demonstrate access to 8x8 AWS infrastructure. The token was promptly restricted...

2.5AI score

Exploits0

Hacker One•added 2021/01/05 10:38 a.m.•21 views

Acronis: Local privilege escalation via insecure MSI file

Summary I've found a vulnerability which leads to a local privilege escalation starting from a non-admin user. When True Image client installs it drops 2 MSI files into C:\Windows\Installer folder. Since this folder by default is readable by anyone, a non-admin user can execute commands like...

1.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by