Lucene search
K

276237 matches found

Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.8 views

PT-2026-7751

Name of the Vulnerable Software and Affected Versions macOS Sequoia versions 15.7.4 macOS Tahoe version 26.3 macOS Sonoma versions 14.8.4 Description A privacy issue existed where an application could potentially access sensitive user data. The issue was resolved with improved checks...

5.5CVSS5.4AI score0.00134EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7531

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

2.3CVSS5.5AI score0.00391EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.4 views

Nsasoft Dnss Domain Name Search Software 安全漏洞

Nsasoft Dnss Domain Name Search Software is a domain name search and analysis tool developed by the American companyNsasoft. The software has a security vulnerability, which stems from a buffer overflow in the registration key field, potentially causing the application to crash...

7.5CVSS6AI score0.00441EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7694

Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application cras...

7.5CVSS5.8AI score0.00441EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/11 12:0 a.m.7 views

keylime-config-7.14.0+0-1.1 on GA media (moderate)

keylime-config-7.14.0+0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10165-1 Rating: moderate Cross-References: CVE-2026-1709 CVSS scores: CVE-2026-1709 SUSE : 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H CVE-2026-1709 SUSE : 8.8...

9.4CVSS5.5AI score0.0575EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/10 10:28 p.m.7 views

Malicious code in gpu-discovery (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ea1fffa4a4969c85232301df3c8d107642ac143fbf51600d166cfd2f8d536e10 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
NVD
NVD
added 2026/02/10 7:15 p.m.7 views

CVE-2026-21355

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim...

5.5CVSS0.00152EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 6:32 p.m.37 views

CVE-2026-21353

The CVE-2026-21353 issue affects DNG SDK versions 1.7.1 ≤ 2410 and earlier. The root cause is an Integer Overflow or Wraparound (CWE-190) in the SDK, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. ...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/10 6:32 p.m.3 views

CVE-2026-21355

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim...

5.5CVSS5.4AI score0.00152EPSS
Exploits0References2
NVD
NVD
added 2026/02/10 6:16 p.m.8 views

CVE-2026-21358

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue...

5.5CVSS0.00154EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 6:16 p.m.4 views

CVE-2026-21314

Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must...

5.5CVSS5.7AI score0.00153EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 6:16 p.m.2 views

CVE-2026-20841

Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.1165EPSS
Exploits9References2
Cvelist
Cvelist
added 2026/02/10 5:51 p.m.20 views

CVE-2026-21261 Microsoft Excel Information Disclosure Vulnerability

...

5.5CVSS0.00596EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 5:47 p.m.26 views

CVE-2026-25992 SiYuan has a File Read Interface Case Bypass Vulnerability

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read...

7.5CVSS0.00505EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/10 5:45 p.m.4 views

CVE-2026-21315 Audition | Out-of-bounds Read (CWE-125)

Audition versions 25.3 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must ope...

5.5CVSS5.5AI score0.00153EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 5:16 p.m.9 views

CVE-2025-36522

Incorrect default permissions for some IntelR Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

6.7CVSS0.00081EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 5:16 p.m.4 views

CVE-2025-32092

Insecure inherited permissions for some IntelR Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege...

6.7CVSS0.00109EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 5:16 p.m.5 views

CVE-2025-22849

Incorrect default permissions for the IntelR OptaneTM PMem management software before versions CRMGMT01.00.00.3584, CRMGMT02.00.00.4052, CRMGMT03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined...

6.7CVSS0.00114EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 4:26 p.m.5 views

CVE-2025-36522

Incorrect default permissions for some IntelR Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

6.7CVSS5.3AI score0.00081EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 4:26 p.m.14 views

CVE-2025-36522

Summary of CVE-2025-36522: The affected component is Intel Chipset Software. The vulnerability arises from incorrect default permissions in Ring 3 user applications, potentially enabling privilege escalation. It requires a local attacker with an authenticated user and high attack complexity, with...

6.7CVSS5.3AI score0.00081EPSS
Exploits0References1
Rows per page
Query Builder