CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

85 matches found

GithubExploit•added 2026/01/16 10:20 a.m.•125 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-59287 - WSUS / SCCM RCE Based on the original exploi...

9.8CVSS7.3AI score0.72697EPSS

Exploits24

RedhatCVE•added 2026/01/09 9:55 a.m.•3 views

CVE-2020-12320

Uncontrolled search path in IntelR SCS Add-on for Microsoft SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.2AI score0.00068EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-3885

Malware in sbrugna...

5.5CVSS5.7AI score0.00127EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2019-8676

Malware in sbrugna...

7.2CVSS6.9AI score0.20905EPSS

Exploits3References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-25578

Malware in sbrugna...

5.3CVSS5.6AI score0.00206EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-4632

Malware in sbrugna...

7.8CVSS7.6AI score0.00068EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-26602

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00034EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:11 p.m.•3 views

CVE-2021-39190

The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM version 1802 to GLPI. In versions prior to 2.3.0, the Configuration page is publicly accessible in read-only mode. This issue is patched in version 2.3.0. No known workarounds exist...

5.3CVSS6.7AI score0.00206EPSS

Exploits0

Metasploit•added 2025/03/04 6:55 p.m.•532 views

Get NAA Credentials

This module attempts to retrieve the Network Access Accounts, if configured, from the SCCM server. This requires a computer account, which can be added using the samraccount module. Module Options msf use auxiliary/admin/sccm/getnaacredentials msf auxiliarygetnaacredentials show actions...

5.8AI score

Exploits0

CVE•added 2024/11/12 5:14 p.m.•62 views

CVE-2024-21938

Summary: CVE-2024-21938 concerns the AMD Management Plugin for Microsoft System Center Configuration Manager (SCCM). The root cause is incorrect default permissions in the SCCM installation directory, which could let a low-privilege attacker escalate privileges and potentially achieve arbitrary c...

7.8CVSS7.8AI score0.001EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/11/12 12:0 a.m.•1 views

PT-2024-19121 · Microsoft +1 · System Center Configuration Manager +1

Name of the Vulnerable Software and Affected Versions: AMD Management Plugin for Microsoft System Center Configuration Manager SCCM versions prior to 7.0.0.1318 Description: The issue is related to incorrect default permissions in the AMD Management Plugin for the Microsoft System Center...

7.8CVSS7.6AI score0.001EPSS

Exploits0References5

Amd•added 2024/11/12 12:0 a.m.•18 views

AMD Management Plugin for SCCM Incorrect Default Permissions Vulnerability

Bulletin ID: AMD-SB-9005 Potential Impact: Incorrect Default Permissions Leading to Arbitrary Execution Severity: High Summary An incorrect default permissions vulnerability is identified within the AMD Management Plugin for the Microsoft® System Center Configuration Manager SCCM. The plugin is...

7.8CVSS7.7AI score0.001EPSS

Exploits0

The Hacker News•added 2024/06/25 10:42 a.m.•38 views

New Attack Technique Exploits Microsoft Management Console Files

Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console MSC files to gain full code execution using Microsoft Management Console MMC and evade security defenses. Elastic Security Labs has codenamed the approach GrimResource after...

6.6AI score

Exploits0

Citrix•added 2024/05/15 12:0 a.m.•3 views

VDA upgrade failure when deployed through SCCM

VDA deployment using SCCM...

7.2AI score

Exploits0

NVD•added 2023/05/10 2:15 p.m.•8 views

CVE-2023-22440

Incorrect default permissions in the IntelR SCS Add-on software installer for Microsoft SCCM all versions may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS6.9AI score0.00034EPSS

Exploits0References1

Prion•added 2023/05/10 2:15 p.m.•18 views

Design/Logic Flaw

4.3CVSS7.7AI score0.00034EPSS

Exploits0References1Affected Software1

CVE•added 2023/05/10 1:17 p.m.•31 views

CVE-2023-22440

The CVE-2023-22440 issue affects Intel® SCS Add-on software installer for Microsoft SCCM (all versions). The root cause is incorrect default permissions, which could allow an authenticated user to escalate privileges via local access. The Intel advisory notes no updates will be released and recom...

7.8CVSS7.7AI score0.00034EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/05/10 1:17 p.m.•4 views

CVE-2023-22440

6.7CVSS7.8AI score0.00034EPSS

Exploits0References1

Cvelist•added 2023/05/10 1:17 p.m.•10 views

CVE-2023-22440

6.7CVSS8AI score0.00034EPSS

Exploits0References1

Intel•added 2023/05/09 12:0 a.m.•17 views

Intel® SCS Add-on Software Installer Advisory

Summary: A potential security vulnerability in the Intel® Setup and Configuration Software SCS Add-on software installer for Microsoft System Center Configuration Manager SCCM may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued...

7.8CVSS7AI score0.00034EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by