Lucene search
K

1570 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/17 12:11 p.m.8 views

CVE-2018-25320

ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...

9.8CVSS6.5AI score0.00576EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.19 views

PT-2026-41546

ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to...

9.8CVSS6.5AI score0.00576EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 3:16 a.m.36 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 2:0 a.m.49 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 2:0 a.m.10 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS5.9AI score0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.14 views

ASUS System Control Interface 缓冲区错误漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a buffer overflow vulnerability in the ASUS System Control Interface. This vulnerability arises from reading sizes that exceed the size of the buffer within the IOCTL handler, which...

6.8CVSS6.1AI score0.00137EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.17 views

PT-2026-34329

Name of the Vulnerable Software and Affected Versions camel-infinispan affected versions not specified Description Unsafe deserialization exists in the ProtoStream remote aggregation repository. A remote attacker with low privileges can send specially crafted data to achieve arbitrary code...

7.5CVSS6.1AI score0.00667EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.4 views

CVE-2025-15037

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 10:27 a.m.15 views

CVE-2026-23316

CVE-2026-23316 – Linux kernel ARM64 multipath hash seed alignment fix . The issue arises in the ARM64 Linux kernel when reading the 8-byte struct sysctl_fib_multipath_hash_seed (user_seed and mp_seed) atomically with READ_ONCE(). Under Clang+LTO, this full-structure read emits a 64-bit load-acqui...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/23 1:5 a.m.27 views

CVE-2026-4606 GeoVision ERM Improper Privilege Assignment Leads to SYSTEM-Level Privilege

GV Edge Recording Manager ERM v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is...

10CVSS0.00298EPSS
Exploits0References1
Redos
Redos
added 2026/03/19 12:0 a.m.7 views

ROS-20260319-73-0024

A vulnerability in the Core component of the Oracle VM VirtualBox virtual machine is related to access differentiation flaws. Exploitation of the vulnerability could allow an attacker to gain full control over the system...

6CVSS5.8AI score0.00234EPSS
Exploits0
NVD
NVD
added 2026/03/17 6:16 p.m.7 views

CVE-2026-32297

The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries. Modified configuration files or system binaries could allow an attacker to take complete control of a vulnerable system...

9.3CVSS0.00527EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/17 5:20 p.m.3 views

CVE-2026-32297

The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries. Modified configuration files or system binaries could allow an attacker to take complete control of a vulnerable system...

9.3CVSS5.9AI score0.00527EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.11 views

ANGEET ES3 KVM 安全漏洞

ANGEET ES3 KVM is a KVM switch device from theANGEET company that enables remote control of keyboards, video, and mice through the network. The ANGEET ES3 KVM has a security vulnerability; this vulnerability stems from allowing remote, unauthenticated attackers to write arbitrary files, potential...

9.3CVSS6.2AI score0.00527EPSS
Exploits0References3
NVD
NVD
added 2026/03/12 3:15 a.m.13 views

CVE-2025-15037

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

6.8CVSS0.00099EPSS
Exploits0References1
CVE
CVE
added 2026/03/12 2:0 a.m.15 views

CVE-2025-15037

CVE-2025-15037 affects the ASUS Business System Control Interface driver. An unprivileged local user can trigger a crafted IOCTL request, potentially leading to unauthorized access to hardware resources and kernel information disclosure. References point to the ASUS Security Advisory for details....

6.8CVSS5.8AI score0.00099EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/12 2:0 a.m.6 views

EUVD-2025-208607

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/12 2:0 a.m.23 views

CVE-2025-15037

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

6.8CVSS0.00099EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/12 2:0 a.m.4 views

CVE-2025-15037

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.9 views

PT-2026-24909

🚨 CVE-2025-15037 An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References7
Rows per page
Query Builder