Lucene search
K

128 matches found

EUVD
EUVD
added 2026/06/04 12:4 p.m.10 views

EUVD-2025-210063

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

8.5CVSS5.8AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 12:4 p.m.20 views

CVE-2025-12694

Forcepoint VPN Client for Windows is affected by a local privilege escalation (CVE-2025-12694) that allows a local non-administrative user to escalate privileges to SYSTEM. Affected versions: Windows client 6.11.3 and prior. The vulnerability is local with low attack complexity and no user intera...

8.5CVSS5.8AI score0.00104EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.6 views

SATO CL4/6NX and CL4/6NX-J OS Command Injection (CVE-2025-22469)

A remote attacker may execute an arbitrary OS command on the system with a certain non-administrative user privilege. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

7.3CVSS8AI score0.0109EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/30 12:31 a.m.6 views

EUVD-2026-17046

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life EOL, are affected by the vulnerability as well...

8.8CVSS6.6AI score0.00432EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10404

Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...

6.8CVSS6AI score0.00105EPSS
Exploits0References7
NVD
NVD
added 2026/02/26 6:17 a.m.13 views

CVE-2026-23703

The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege...

8.5CVSS0.0012EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/05 7:26 a.m.4 views

CVE-2026-23704

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life EOL, are affected by the vulnerability as well...

6.5CVSS6.6AI score0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/04 7:3 a.m.4 views

CVE-2026-23704

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life EOL, are affected by the vulnerability as well...

6.5CVSS5.5AI score0.00202EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:32 a.m.8 views

CVE-2023-25618

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with...

6.5CVSS6.9AI score0.00613EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/03 12:0 a.m.5 views

Unspecified Vulnerability in Devolutions Server (CNVD-2025-30126)

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unspecified vulnerability exists in Devolutions Server that stems from a non-administrativ...

4.3CVSS6.5AI score0.00326EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/27 12:0 a.m.5 views

Devolutions Server 安全漏洞

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unspecified vulnerability exists in Devolutions Server that stems from a non-administrativ...

4.3CVSS6.2AI score0.00326EPSS
Exploits0References2
CNVD
CNVD
added 2025/11/24 12:0 a.m.2 views

Revive Adserver Information Disclosure Vulnerability

Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms e.g., websites, apps, video players and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from an...

4.3CVSS7.1AI score0.00307EPSS
Exploits1References1
OSV
OSV
added 2025/11/21 7:15 a.m.4 views

CVE-2025-58097

The installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate files within the installation directory and execute arbitrary code with the administrative privilege...

7.8CVSS5.9AI score0.00106EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.5 views

LogStare Collector 安全漏洞

LogStare Collector is a data collector from LogStare Japan. A security vulnerability exists in LogStare Collector that stems from improper authorization in UserRegistration, which could result in a non-administrative user creating a new account...

5.3CVSS5AI score0.00203EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.4 views

LogStare Collector 安全漏洞

LogStare Collector is a data collector from LogStare Japan. A security vulnerability exists in LogStare Collector that stems from an improperly configured installation directory permissions, which could lead to the execution of arbitrary code by a non-administrative user...

7.8CVSS6.2AI score0.00106EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.5 views

PT-2025-47668

Name of the Vulnerable Software and Affected Versions LogStare Collector affected versions not specified Description LogStare Collector has an authorization issue within the UserRegistration component. A user without administrative privileges can create new user accounts by submitting a specially...

5.3CVSS5AI score0.00203EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.4 views

Palo Alto Prisma Browser 安全漏洞

Palo Alto Prisma Browser is a secure enterprise browser from Palo Alto USA. A security vulnerability exists in Palo Alto Prisma Browser that stems from improper handling of sensitive information and could lead to the retrieval of sensitive data by a locally authenticated, non-administrative user...

6.9CVSS6.3AI score0.00077EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.4 views

Nagios Log Server 安全漏洞

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2024R2.0.3, which stems from an incorrect authorization check that could result in a non-administrative user...

7.1CVSS6.5AI score0.00937EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-27462

Malware in sbrugna...

5.4CVSS6AI score0.00536EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8752

Malware in sbrugna...

5.5CVSS5.6AI score0.00272EPSS
Exploits0References5
Rows per page
Query Builder