Lucene search
+L

1924 matches found

OSV
OSV
added 2026/06/01 12:0 a.m.11 views

ASB-A-446114623

In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8CVSS5.9AI score0.00121EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/29 7:32 p.m.169 views

Exploit for Improper Privilege Management in Apache Couchdb

Lab7-CVE-2017-12635-12636 I. SYSTEM ANALYSIS Ide...

10CVSS7.8AI score0.99838EPSS
Exploits21
CVE
CVE
added 2026/05/27 12:0 a.m.19 views

CVE-2026-38807

The CVE-2026-38807 entry concerns an insecure permissions vulnerability in kvf-admin v1.0.0 that enables a remote attacker to escalate privileges via the UserController.java component. Affected software is kvf-admin; the root cause is insecure access control in UserController.java leading to unau...

8.8CVSS5.8AI score0.00341EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

kvf-admin 安全漏洞

kvf-admin is a set of rapid development frameworks, scaffolding, backend management systems, and permission systems developed by KalvinGit’s individual developers. Version 1.1.0 of kvf-admin contains a security vulnerability. This vulnerability stems from improper permission settings in the...

8.8CVSS5.8AI score0.00341EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.6 views

The vulnerability of the software for interacting with servers via cURL, related to bypassing authentication due to a fundamental error, allows attackers to escalate their privileges.

The vulnerability of the software for interacting with servers via cURL is related to the bypassing of authentication due to a fundamental flaw in the code. Exploiting this vulnerability allows a remote attacker to increase their privileges...

6.5CVSS7.1AI score0.00302EPSS
Exploits1References11Affected Software8
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in python-gevent

A vulnerability in Gevent prior to version 23.9.0 allows a remote attacker to escalate privileges through a crafted script to the WSGIServer component...

9.8CVSS8.3AI score0.01345EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in the Updater component of Google Chrome prior to version 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation through a malicious file. Chromium security severity: High...

8.8CVSS7.3AI score0.00175EPSS
Exploits1References2
Kaspersky
Kaspersky
added 2026/05/19 12:0 a.m.19 views

KLA91065 Multiple vulnerabilities in Microsoft System Center

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Defender can ...

8.1CVSS6.8AI score0.63076EPSS
Exploits2References6
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.10 views

CVE-2026-8557

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00207EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-8557

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege...

7.5CVSS6.2AI score0.00207EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.10 views

EUVD-2026-29714

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

5.4CVSS5.8AI score0.0024EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 6:17 p.m.33 views

CVE-2026-42838

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

5.4CVSS0.0024EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the Passwords component’s policies, which could allow a remote attacker with access to a broken...

7.5CVSS6.1AI score0.00257EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-7978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via...

8.1CVSS7AI score0.00237EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 9:31 p.m.6 views

EUVD-2026-28059

Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. Chromium security severity: Medium...

8.1CVSS5.8AI score0.00237EPSS
Exploits0References3
NVD
NVD
added 2026/05/06 7:16 p.m.8 views

CVE-2026-7978

Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. Chromium security severity: Medium...

8.1CVSS0.00237EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.37 views

CVE-2026-7930

...

0.00107EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/06 6:12 p.m.12 views

CVE-2026-7930

...

5.4AI score0.00107EPSS
Exploits0
Redos
Redos
added 2026/05/06 12:0 a.m.11 views

ROS-20260506-73-0027

Vulnerability in tomcat related to a flaw in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

9.1CVSS5.8AI score0.00715EPSS
Exploits2
NVD
NVD
added 2026/05/04 2:16 p.m.17 views

CVE-2026-31205

Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function...

5.7CVSS0.0028EPSS
Exploits0References4
Rows per page
Query Builder