Lucene search
K

874 matches found

EUVD
EUVD
added 2026/06/01 3:20 a.m.18 views

EUVD-2026-33544

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784...

7.8CVSS5.8AI score0.00108EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 3:20 a.m.9 views

CVE-2026-20453

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791...

5.8AI score0.00114EPSS
Exploits0References2
CVE
CVE
added 2026/06/01 3:20 a.m.39 views

CVE-2026-20453

CVE-2026-20453 affects geniezone with a possible out-of-bounds write caused by a missing bounds check. The issue could enable local privilege escalation for an actor who already has System privileges, with no user interaction required. Patch ALPS10886526 (MSV-6791) is referenced as a fix. Exploit...

6.7CVSS5.8AI score0.00114EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.28 views

PT-2026-45355

Privilege chaining issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

8.5CVSS7.1AI score0.00097EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.29 views

PT-2026-45257

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784...

5.8AI score0.00108EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.24 views

PT-2026-45354

Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

8.5CVSS7.1AI score0.00097EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43455

Summary The IAM API endpoints listUsers, getUser, listGroups, and getGroup in yamcs-core do not enforce the required SystemPrivilege.ControlAccess check. As a result, any authenticated user even those with low or no privileges can enumerate all user accounts in the system, including their...

4.3CVSS5.8AI score0.00028EPSS
Exploits2References3
Cvelist
Cvelist
added 2026/05/07 6:49 a.m.43 views

CVE-2026-44406 DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

5.7CVSS0.00162EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/06 9:31 p.m.8 views

EUVD-2026-28091

Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...

7.8CVSS5.8AI score0.00108EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/06 8:21 p.m.16 views

CVE-2026-34459

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request...

8.8CVSS6.1AI score0.00139EPSS
Exploits1References1
CVE
CVE
added 2026/05/06 3:45 p.m.13 views

CVE-2026-41288

WatchGuard Agent on Windows is affected by an improper permission assignment in the patch management component, allowing an authenticated local user to escalate to NT AUTHORITY\SYSTEM. The CVE entry notes a local-privilege-escalation impact with high confidentiality, integrity, and availability i...

7.8CVSS5.8AI score0.00103EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/05 7:27 p.m.8 views

CVE-2026-34459 Sandboxie-Plus sandbox escape via uninitialized memory leak and stack overflow in GetRawInputDeviceInfoSlave

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request...

8.8CVSS6.1AI score0.00139EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.13 views

CVE-2026-20447

In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073; Issue ID: MSV-6296...

6.7CVSS5.8AI score0.00114EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.11 views

PT-2026-37225

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration restrictions EditAdminOnly and ConfigPassword and inject arbitrary directives into the global...

9.3CVSS5.9AI score0.00251EPSS
Exploits1References3
NVD
NVD
added 2026/05/04 7:15 a.m.14 views

CVE-2026-20447

In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073; Issue ID: MSV-6296...

6.7CVSS0.00114EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 5:42 a.m.42 views

CVE-2026-20451

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504...

0.00154EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 5:41 a.m.13 views

EUVD-2026-26888

In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281...

6.7CVSS5.8AI score0.00146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:41 a.m.3 views

CVE-2026-20448

In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281...

6.7CVSS5.8AI score0.00146EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/04 5:41 a.m.39 views

CVE-2026-20448

In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281...

0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/04 5:41 a.m.6 views

CVE-2026-20448

In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281...

5.8AI score0.00146EPSS
Exploits0References1
Rows per page
Query Builder