Lucene search
K

586 matches found

EUVD
EUVD
added 2026/05/27 5:9 p.m.17 views

EUVD-2026-32602

Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissions to access it. When SMTP email is not configured the default for self-hosted Budibase instances,...

8.8CVSS6AI score0.00261EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 10:7 p.m.46 views

CVE-2026-32991

Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account...

7.1CVSS0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a supplementary function driver for Winsock by Microsoft Corporation. There are security vulnerabilities associated with the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit these vulnerabilities to gain...

7.8CVSS5.8AI score0.00314EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 12:0 a.m.13 views

ALSA-2026:15892 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

9.8CVSS6AI score0.04938EPSS
Exploits1References52
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a resource management vulnerability in Microsoft Windows. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows 10...

7.8CVSS5.8AI score0.00246EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-32796

CVE-2026-32070 Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. https://t.co/LTdrTi0Kff...

7CVSS6.2AI score0.0032EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/02 2:57 p.m.8 views

CVE-2026-33641

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, Glances supports dynamic configuration values in which substrings enclosed in backticks are executed as system commands during configuration parsing. This behavior occurs in Config.getvalue and is implemented...

7.8CVSS6AI score0.00866EPSS
Exploits3References3
Debian CVE
Debian CVE
added 2026/04/02 2:57 p.m.5 views

CVE-2026-33641

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, Glances supports dynamic configuration values in which substrings enclosed in backticks are executed as system commands during configuration parsing. This behavior occurs in Config.getvalue and is implemented...

7.8CVSS5.7AI score0.00866EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.9 views

PT-2026-27172

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description AVideo is an open source video platform. A user with the "Videos Moderator" permission can escalate privileges to perform full video management operations, including ownership transfer and...

7.6CVSS5.7AI score0.0024EPSS
Exploits1References6
Snyk
Snyk
added 2026/02/18 10:42 p.m.6 views

Execution with Unnecessary Privileges

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Execution with Unnecessary Privileges via the sandbox.docker configuration. An attacker can gain unauthorized access to host resources or execute arbitrary commands on the host by injecti...

9.8CVSS6AI score0.00479EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.8 views

WordPress plugin Starfish Review Generation & Marketing 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS6AI score0.00316EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/03 1:49 a.m.7 views

CVE-2025-58383

A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind command, to escalate privileges and bypass security controls allowing the execution of arbitrary commands...

8.4CVSS8.2AI score0.00509EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.10 views

MiracleLinux 7 : kernel-3.10.0-1160.59.1.el7 (AXSA:2022-3092:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3092:04 advisory. kernel: use after free in eventpoll.c may lead to escalation of privilege CVE-2020-0466 kernel: Use After Free in unixgc which could result in a loc...

7.9CVSS7AI score0.02579EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.6 views

Synology DiskStation Manager Improper Control of Dynamically-Managed Code Resources (CVE-2024-5401)

Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager DSM before 7.1.1-42962-8 and 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote authenticated users to obtain privileges witho...

8.8CVSS5.5AI score0.00333EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:27 a.m.15 views

CVE-2008-7050

The passwordcheck function in auth/authphpbb3.php in WoW Raid Manager 3.5.1 before Patch 1, when using PHPBB3 authentication, 1 does not invoke the CheckPassword function with the required arguments, which always triggers an authentication failure, and 2 returns true instead of false when an...

7.5CVSS7.7AI score0.01885EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:41 a.m.9 views

CVE-1999-0436

Domain Enterprise Server Management System DESMS in HP-UX allows local users to gain privileges...

4.6CVSS6.9AI score0.00484EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 5:55 p.m.6 views

EUVD-2025-202224

Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to elevate privileges locally...

7.8CVSS6.6AI score0.00364EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/09 5:55 p.m.6 views

EUVD-2025-202248

Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS6.4AI score0.02039EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-29042

Malware in sbrugna...

7.8CVSS7.6AI score0.00502EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8731

Malware in sbrugna...

7.2CVSS6.1AI score0.0096EPSS
Exploits3References11
Rows per page
Query Builder