CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Zero Day Initiative•added 2021/07/19 12:0 a.m.•45 views

(Pwn2Own) Microsoft Windows AppX Deployment Service Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deploymen...

7CVSS6AI score0.00835EPSS

Zero Day Initiative•added 2021/07/13 12:0 a.m.•56 views

Trend Micro Apex One Incorrect Permission Assignment Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

6.1CVSS3.4AI score0.00355EPSS

NVD•added 2021/07/08 11:15 a.m.•18 views

CVE-2021-32461

Trend Micro Password Manager Consumer version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local attacker to trigger a buffer overflow and escalate privileges on affected installations. An attacker must first obtain the ability...

7.8CVSS0.00369EPSS

Prion•added 2021/07/08 11:15 a.m.•14 views

Privilege escalation

7.2CVSS8AI score0.00369EPSS

Cvelist•added 2021/07/08 10:54 a.m.•22 views

CVE-2021-32461

8.2AI score0.00369EPSS

Zero Day Initiative•added 2021/06/25 12:0 a.m.•29 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x20006 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling ...

6.5CVSS2.3AI score0.0027EPSS

Citrix•added 2021/06/23 11:6 a.m.•112 views

Citrix Hypervisor Security Update

Two security issues have been identified in Citrix Hypervisor 8.2 LTSR, each of which may allow privileged code in a guest VM to cause the host to crash or become unresponsive. These issues only affect Citrix Hypervisor 8.2 LTSR. These issues have the following CVE identifiers: CVE-2021-3416...

6.5CVSS2.2AI score0.00455EPSS

Exploits0

Citrix•added 2021/06/09 2:55 p.m.•178 views

Citrix Hypervisor Security Update

Several security issues have been identified that affect Citrix Hypervisor: Two issues, each of which may each allow privileged code in a guest VM to cause the host to crash or become unresponsive. These two issues only affect systems where the malicious guest VM has a physical PCI device passed...

7.8CVSS4AI score0.00372EPSS

Exploits0

OSV•added 2021/05/27 11:15 a.m.•3 views

CVE-2021-32459

Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execut...

6.5CVSS6.9AI score0.0096EPSS

NVD•added 2021/05/27 11:15 a.m.•12 views

CVE-2021-32459

6.5CVSS0.0096EPSS

Prion•added 2021/05/27 11:15 a.m.•16 views

Hardcoded credentials

5.5CVSS6.7AI score0.0096EPSS

Cvelist•added 2021/05/27 10:42 a.m.•16 views

CVE-2021-32459

6.9AI score0.0096EPSS

Zero Day Initiative•added 2021/05/25 12:0 a.m.•34 views

VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS2.8AI score0.00453EPSS

Zero Day Initiative•added 2021/05/20 12:0 a.m.•194 views

Apple macOS QuartzCore Type Confusion Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the QuartzCore Framework...

7.8CVSS5.7AI score

Zero Day Initiative•added 2021/05/13 12:0 a.m.•125 views

(Pwn2Own) Canonical Ubuntu io_uring Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS8.7AI score0.00629EPSS

Zero Day Initiative•added 2021/05/13 12:0 a.m.•53 views

Microsoft Windows WalletService Directory Junction Privilege Escalation Vulnerability

7.8CVSS5.9AI score0.01136EPSS

Zero Day Initiative•added 2021/05/13 12:0 a.m.•52 views

Microsoft Windows win32kfull Palette Use-After-Free Privilege Escalation Vulnerability

8.8CVSS4.7AI score0.0101EPSS

Prion•added 2021/05/12 3:15 p.m.•15 views

Information disclosure

An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a...

4.4CVSS7.5AI score0.00261EPSS

Prion•added 2021/05/12 3:15 p.m.•15 views

Information disclosure

An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is...

4.4CVSS7.5AI score0.00346EPSS