Lucene search
K

832 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-57919

PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe \.\pipe\PBackupVSS with a DACL that grants GENERICREAD and GENERICWRITE permissions to all authenticated users. A low-privileged local attacker can connect to this pipe and send crafted IPC messages to trigge...

7.8CVSS0.00125EPSS
Exploits0References2
CVE
CVE
added 4 days ago6 views

CVE-2026-57919

CVE-2026-57919 affects Matrix42 Empirum (pre-25.5 and pre-26.2). The issue: PBackupVSS.exe creates a named pipe (\.\pipe\PBackupVSS) with a permissive DACL granting GENERIC_READ/WRITE to all authenticated users, enabling a low-privileged, local attacker to connect and send crafted IPC messages to...

7.8CVSS6.1AI score0.00125EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-57919

PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe \.\pipe\PBackupVSS with a DACL that grants GENERICREAD and GENERICWRITE permissions to all authenticated users. A low-privileged local attacker can connect to this pipe and send crafted IPC messages to trigge...

7.8CVSS6.1AI score0.00125EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 1:19 p.m.8 views

CVE-2026-11858

Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service. The update service runs as NT AUTHORITY\SYSTEM and exposes a .NET Remoting interface over a named pipe without sufficient access controls or authorization. A local authenticated...

8.4CVSS0.00126EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.10 views

CVE-2026-11857

Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service due to insecure deserialization in the .NET Remoting service. The service is configured with TypeFilterLevel.Full and is bound to local interfaces only through named pipes. A local...

8.4CVSS0.00273EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 11:50 a.m.22 views

CVE-2026-11858

Quanos SCHEMA ST4 on-premises is affected by a local privilege escalation due to insufficient authorization on the Client Update Service. The service, running as NT AUTHORITY\SYSTEM, exposes a .NET Remoting interface over a named pipe without proper access controls. A local authenticated low-priv...

8.4CVSS5.5AI score0.00126EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.8 views

CVE-2026-34928

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism. Please note: an attacker must first obtain the ability to...

7.8CVSS7.1AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.8 views

CVE-2026-9789

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS5.6AI score0.00152EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.9 views

CVE-2026-8069

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrar...

8.5CVSS6AI score0.00118EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/30 10:1 a.m.96 views

Exploit for CVE-2026-9789

CVE ID: CVE-2026-9789 Researcher: Vo Duc Thang ugvxb...

8.5CVSS6AI score0.00152EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/05/30 8:38 a.m.102 views

Exploit for CVE-2026-9490

CVE ID: CVE-2026-9490 Researcher: Vo Duc Thang ugvxb...

6.8CVSS5.9AI score0.00173EPSS
Exploits1
NVD
NVD
added 2026/05/28 3:16 a.m.17 views

CVE-2026-9789

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS0.00152EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/28 2:39 a.m.7 views

CVE-2026-9789 NitroSense V3: Security Vulnerability Information

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS5.9AI score0.00152EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/28 2:39 a.m.33 views

CVE-2026-9789 NitroSense V3: Security Vulnerability Information

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS0.00152EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/28 2:39 a.m.11 views

EUVD-2026-32700

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS5.9AI score0.00152EPSS
Exploits1References1
CVE
CVE
added 2026/05/28 2:39 a.m.26 views

CVE-2026-9789

The CVE-2026-9789 entry describes a Local Privilege Escalation affecting Acer NitroSense software prior to 3.01.3052. The root cause is a PSAdminAgent service that creates a Named Pipe with a weak ACL, allowing any authenticated local user to connect and issue commands. The service does not verif...

8.5CVSS5.9AI score0.00152EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.11 views

PT-2026-44171

A Local Privilege Escalation LPE vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List ACL. This allows any authenticated local user to connect and send...

8.5CVSS5.9AI score0.00152EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.14 views

CVE-2026-9490

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message message type 0x03 to the pipe, causing the service ...

6.8CVSS5.8AI score0.00173EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-9489

NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation LPE vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with ...

8.5CVSS6.3AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 8:16 a.m.17 views

CVE-2026-9490

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message message type 0x03 to the pipe, causing the service ...

6.8CVSS0.00173EPSS
Exploits1References1
Rows per page
Query Builder