Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ATTACKERKB
ATTACKERKBadded 2026/01/29 3:20 p.m.4 views

CVE-2025-13905

CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart...

7CVSS5.9AI score0.00103EPSS
Exploits0References2Affected Software1
EUVD
EUVDadded 2026/01/29 3:20 p.m.4 views

EUVD-2025-206546

CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart...

7CVSS5.9AI score0.00103EPSS
Exploits0References1
CVE
CVEadded 2026/01/29 3:20 p.m.12 views

CVE-2025-13905

CVE-2025-13905 maps to Schneider Electric EcoStruxure Process Expert (for AVEVA System Platform) with versions prior to 2025 affected. The issue is CWE-276: Incorrect Default Permissions, enabling privilege escalation via a reverse shell when one or more executable service binaries are modified i...

7CVSS5.9AI score0.00103EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/15 12:0 a.m.2 views

PT-2026-3177

Name of the Vulnerable Software and Affected Versions Sync Breeze version 13.6.18 Description Sync Breeze version 13.6.18 contains a security issue due to an unquoted service path in its Windows service configuration. This allows local attackers to potentially execute arbitrary code. The issue...

8.5CVSS7.5AI score0.00209EPSS
Exploits1References6
RedhatCVE
RedhatCVEadded 2025/05/23 6:25 a.m.4 views

CVE-2024-50590

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

7.8CVSS7AI score0.00189EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/11/08 12:0 a.m.3 views

HASOMED Elefant 安全漏洞

HASOMED Elefant is an exercise software from the German company HASOMED. It specializes in meeting the needs of psychotherapists, child and adolescent psychotherapists, and medical psychotherapists. A security vulnerability exists in HASOMED Elefant, which arises from the fact that an attacker wi...

7.8CVSS6.4AI score0.00189EPSS
Exploits0References2
CNNVD
CNNVDadded 2021/10/26 12:0 a.m.1 views

OpenClinic GA 安全漏洞

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in OpenClinic GA, which stems from the fact that by default, the Authenticated Users group has permissio...

9.3CVSS7.7AI score0.01276EPSS
Exploits0References4
Rows per page
Query Builder