Lucene search
K

5042 matches found

CNNVD
CNNVD
added 2025/08/20 12:0 a.m.1 views

WordPress plugin JobZilla - Job Board WordPress Theme 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

8.8CVSS6.4AI score0.00168EPSS
Exploits0References2
CNVD
CNVD
added 2025/08/20 12:0 a.m.2 views

Intel 800 Series Ethernet Input Validation Improperity Vulnerability (CNVD-2025-19828)

Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. Intel 800 Series Ethernet suffers from an improper input validation vulnerability that can be exploited by an attacker to cause a...

9.3CVSS6.8AI score0.00131EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/20 12:0 a.m.1 views

Intel 800 Series Ethernet Elevation of Privilege Vulnerability

Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. An elevation of privilege vulnerability exists in Intel 800 Series Ethernet, which stems from insufficient control flow managemen...

8.8CVSS7.1AI score0.00119EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/19 12:0 a.m.2 views

wordpress plugin FunnelKit – Funnel Builder for WooCommerce Checkout和wordpress plugin FunnelKit Automations 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... An information disclosur...

8.8CVSS6.2AI score0.00572EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.4 views

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from improper input validation and could result in local elevation of privilege...

8.4CVSS6.5AI score0.00748EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.5 views

Schneider Electric SESU 后置链接漏洞

Schneider Electric SESU is a module for optimizing the efficiency of energy usage from Schneider Electric France. A backlink vulnerability exists in Schneider Electric SESU that stems from improper link resolution and could result in elevation of privilege or denial of service...

7.3CVSS7AI score0.00198EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.5 views

Capsule 安全漏洞

Capsule is a multi-tenant and policy-based framework for Kubernetes open-sourced by Project Capsule. A security vulnerability exists in Capsule 0.10.3 and earlier versions that stems from a namespace label injection vulnerability that could lead to elevation of privilege and cross-tenant resource...

9CVSS7.3AI score0.00437EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/16 12:0 a.m.4 views

WordPress plugin Taxi Booking Manager for Woocommerce | E-cab 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

9.8CVSS6.7AI score0.00438EPSS
Exploits0References4
CNVD
CNVD
added 2025/08/15 12:0 a.m.4 views

OpenBao has an unspecified vulnerability (CNVD-2025-18597)

OpenBao is OpenBao open source a sensitive data management software . A security vulnerability exists in OpenBao 2.3.1 and earlier versions that can be exploited by attackers to cause elevation of privilege...

7.2CVSS6.7AI score0.00288EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.4 views

HP Hotkey Support 安全漏洞

HP Hotkey Support is an application from Hewlett-Packard HP USA. A security vulnerability exists in HP Hotkey Support, which originates from the HPAudioAnalytics service and may allow elevation of privilege...

8.4CVSS6.8AI score0.0015EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/14 6:24 p.m.4 views

CVE-2025-50168

Access of resource using incompatible type 'type confusion' in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

7.8CVSS7.2AI score0.00793EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/14 6:24 p.m.2 views

CVE-2025-50173

Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/14 6:24 p.m.4 views

CVE-2025-50159

Use after free in Remote Access Point-to-Point Protocol PPP EAP-TLS allows an authorized attacker to elevate privileges locally...

7.3CVSS7.7AI score0.00527EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 3:15 p.m.17 views

CVE-2025-36612

SupportAssist for Business PCs, versions 4.5.3 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

7.8CVSS0.00095EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 4:35 a.m.44 views

CVE-2025-0309

CVE-2025-0309 describes a local privilege escalation in Netskope Client for Windows due to insufficient validation on the server connection endpoint. An attacker-controlled server using publicly signed TLS certificates can cause the client to send specially crafted responses, enabling privilege e...

6CVSS6.9AI score0.00173EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

Dell SupportAssist for Home PCs 安全漏洞

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA that provides automated, proactive and predictive techniques for troubleshooting and more. An elevation of privilege vulnerability exists in Dell SupportAssist for Home PCs, which arises from improper privile...

7.8CVSS7.3AI score0.00103EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/14 12:0 a.m.22 views

CVE-2025-27845

In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This allows for elevated permissions to the UI...

0.00402EPSS
Exploits0References2
OSV
OSV
added 2025/08/12 6:15 p.m.3 views

CVE-2025-53778

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.36074EPSS
Exploits0References3
OSV
OSV
added 2025/08/12 6:15 p.m.4 views

CVE-2025-53726

Access of resource using incompatible type 'type confusion' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.0041EPSS
Exploits0References1
NVD
NVD
added 2025/08/12 6:15 p.m.4 views

CVE-2025-53727

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.01017EPSS
Exploits0References1
Rows per page
Query Builder