CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 6 days ago•6 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS0.00013EPSS

Vulnrichment•added 6 days ago•6 views

CVE-2026-7480

Cvelist•added 6 days ago•26 views

CVE-2026-7480

7.3CVSS0.00013EPSS

ATTACKERKB•added 6 days ago•4 views

CVE-2026-7480

Exploits0References2Affected Software1

CVE•added 6 days ago•10 views

CVE-2026-7480

CVE-2026-7480 : An Incorrect Permission Assignment for Critical Resource vulnerability affects the ASUS System Control Interface. A local user can elevate privileges to SYSTEM and execute arbitrary code by sending a crafted RPC call that bypasses the validation mechanism. This description is supp...

Positive Technologies•added 6 days ago•6 views

PT-2026-44742

CNNVD•added 6 days ago•4 views

ASUS System Control Interface 安全漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a security vulnerability in the ASUS System Control Interface, which stems from improper allocation of permissions for critical resources. This vulnerability could allow local users...

7.3CVSS6.1AI score0.00013EPSS

Nuclei•added 2026/05/25 4:37 a.m.•86 views

Adobe ColdFusion - Unrestricted File Upload Remote Code Execution

Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. id: CVE-2018-15961 info: name: Adobe ColdFusion - Unrestricted File Upload...

10CVSS7.8AI score0.94393EPSS

Exploits11References5

ATTACKERKB•added 2026/05/17 12:11 p.m.•4 views

CVE-2018-25320

ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...

9.8CVSS6.5AI score0.00128EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/05/17 12:0 a.m.•6 views

PT-2026-41546

9.8CVSS6.5AI score0.00128EPSS

Exploits0References5

NVD•added 2026/05/08 3:16 a.m.•7 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS0.00006EPSS

Vulnrichment•added 2026/05/08 2:0 a.m.•4 views

CVE-2026-3508

6.8CVSS5.9AI score0.00006EPSS

Cvelist•added 2026/05/08 2:0 a.m.•24 views

CVE-2026-3508

6.8CVSS0.00006EPSS

CNNVD•added 2026/05/08 12:0 a.m.•3 views

ASUS System Control Interface 缓冲区错误漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a buffer overflow vulnerability in the ASUS System Control Interface. This vulnerability arises from reading sizes that exceed the size of the buffer within the IOCTL handler, which...

6.8CVSS6.1AI score0.00006EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•8 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpipd-name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name...

7.8CVSS6.6AI score0.00039EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Added a lock to protect the encoder context list. A lock was added for the ctxlist to prevent accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist is deleted due to an unexpect...

7CVSS5.8AI score0.00019EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence number identifies a...

4.7CVSS6.6AI score0.00012EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed the enumeration of protocols in the base protocol. When enumerating the protocols implemented by the SCMI platform using BASEDISCOVERLISTPROTOCOLS, the number of protocols returned is currently validated ...

5.5CVSS6.1AI score0.0003EPSS