CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

RedhatCVE•added 2025/10/15 5:44 p.m.•4 views

CVE-2025-59203

Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally...

5.5CVSS6.5AI score0.00074EPSS

Exploits0References1

EUVD•added 2025/10/14 6:30 p.m.•0 views

EUVD-2025-34294

Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally...

5.5CVSS8.8AI score0.00074EPSS

Exploits0References2

Positive Technologies•added 2025/10/14 12:0 a.m.•3 views

PT-2025-42095

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description An issue exists in the Windows StateRepository API where sensitive information is inserted into log files. This allows an authorized attacker to disclose information locally. Recommendations ...

5.5CVSS8.8AI score0.00074EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-27019

Malicious code in bioql PyPI...

7CVSS7.4AI score0.00514EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•8 views

EUVD-2025-20623

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.00385EPSS

Exploits0References1

OSV•added 2025/08/12 6:15 p.m.•1 views

CVE-2025-53789

Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00318EPSS

Exploits0References1

Cvelist•added 2025/08/12 5:10 p.m.•5 views

CVE-2025-53789 Windows StateRepository API Server file Elevation of Privilege Vulnerability

...

7.8CVSS0.00318EPSS

Exploits0References1

Positive Technologies•added 2025/08/12 12:0 a.m.•2 views

PT-2025-32859 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: Missing authentication for a critical function within the Windows StateRepository API can allow a local attacker to elevate privileges. Recommendations: At the moment, there is no informati...

7.8CVSS7AI score0.00318EPSS

Exploits0References8

CNNVD•added 2025/08/12 12:0 a.m.•1 views

Microsoft Windows 访问控制错误漏洞

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. An access control error vulnerability exists in the Microsoft Windows StateRepository API. An attacker could exploit the vulnerability to elevate privileges. The following products and editio...

7.8CVSS6.3AI score0.00318EPSS

Exploits0References1

RedhatCVE•added 2025/07/10 5:18 p.m.•3 views

CVE-2025-49723

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally...

8.8CVSS7.1AI score0.00385EPSS

Exploits0References1

OSV•added 2025/07/08 5:16 p.m.•0 views

CVE-2025-49723

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally...

8.8CVSS5.8AI score0.00385EPSS

Exploits0References1

NVD•added 2025/07/08 5:16 p.m.•3 views

CVE-2025-49723

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally...

8.8CVSS0.00385EPSS

Exploits0References1

CVE•added 2025/07/08 4:57 p.m.•44 views

CVE-2025-49723

CVE-2025-49723 affects Windows StateRepository API, enabling local tampering of data due to missing authorization in the Server file path. The CNVD/NCSC entries confirm impact as manipulation of data with a high CVSS (8.8) and local attack vector; no public exploitation details are provided in th...

8.8CVSS6.5AI score0.00385EPSS

Exploits0References1Affected Software10

Vulnrichment•added 2025/07/08 4:57 p.m.•6 views

CVE-2025-49723 Windows StateRepository API Server file Tampering Vulnerability

...

8.8CVSS7.2AI score0.00385EPSS

Exploits0References1

Cvelist•added 2025/07/08 4:57 p.m.•5 views

CVE-2025-49723 Windows StateRepository API Server file Tampering Vulnerability

...

8.8CVSS0.00385EPSS

Exploits0References1

Microsoft CVE•added 2025/07/08 2:0 p.m.•3 views

Windows StateRepository API Server file Tampering Vulnerability

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally...

8.8CVSS6.6AI score0.00385EPSS

Exploits0

Positive Technologies•added 2025/07/08 12:0 a.m.•0 views

PT-2025-28612 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue concerns missing authorization in the Windows StateRepository API, allowing an authorized attacker to perform local tampering. This means that an attacker with certain privileges...

8.8CVSS5.7AI score0.00385EPSS

Exploits0References6

NVD•added 2022/01/11 9:15 p.m.•20 views

CVE-2022-21863

Windows StateRepository API Server file Elevation of Privilege Vulnerability...

7CVSS0.00514EPSS

Exploits0References2

OSV•added 2022/01/11 9:15 p.m.•2 views

CVE-2022-21863

Windows StateRepository API Server file Elevation of Privilege Vulnerability...

7CVSS7.3AI score0.00514EPSS

Exploits0References2