Lucene search
K

832 matches found

Nvidia
Nvidia
added 2025/07/10 12:0 a.m.33 views

Security Notice: Rowhammer - July 2025

NVIDIA has released this security notice in response to customer inquiries about potential impacts to NVIDIA GPUs from Rowhammer attacks. Go to NVIDIA Product Security. Details NVIDIA has received new research related to the industry-wide DRAM issue known as “Rowhammer”. The research demonstrates...

7.4AI score
Exploits0
OSV
OSV
added 2025/07/07 3:15 p.m.7 views

CVE-2025-6805

Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The...

9.1CVSS6AI score0.01134EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/07/04 12:0 a.m.124 views

📄 Microsoft AutoUpdate Privilege Escalation

Microsoft AutoUpdate MAU suffers from a privilege escalation vulnerability. Titles: CVE-2025-47968-Core-Logic Microsoft AutoUpdate MAU Elevation of Privilege Vulnerability Author: nu11secur1ty Date: 07/03/2025 Vendor: https://www.microsoft.com/en-us Software:...

7.8CVSS6.6AI score0.0037EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/06/25 7:1 p.m.9 views

CVE-2025-49144

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

7.3CVSS7.8AI score0.00419EPSS
Exploits4References1
NVD
NVD
added 2025/06/23 7:15 p.m.12 views

CVE-2025-49144

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social...

7.3CVSS0.00419EPSS
Exploits4References7
Positive Technologies
Positive Technologies
added 2025/06/21 12:0 a.m.6 views

PT-2025-26637

Name of the Vulnerable Software and Affected Versions Notepad++ versions 8.8.1 and prior Description Notepad++ is a free and open-source source code editor. A privilege escalation flaw exists in the Notepad++ installer versions 8.8.1 and prior due to insecure executable search paths. This allows...

7.3CVSS8.2AI score0.00419EPSS
Exploits4References109
GithubExploit
GithubExploit
added 2025/06/13 3:31 p.m.131 views

Exploit for Unrestricted Upload of File with Dangerous Type in Efrotech Timetrax

CVE-2025-46157 CVE-2025-46157 – Timetrax V1 2025 Remote Co...

9.9CVSS10AI score0.00896EPSS
Exploits2
Information Security Automation
Information Security Automation
added 2025/06/10 8:44 a.m.16 views

About Elevation of Privilege – Microsoft DWM Core Library (CVE-2025-30400) vulnerability

About Elevation of Privilege - Microsoft DWM Core Library CVE-2025-30400 vulnerability. The vulnerability, patched as part of May Microsoft Patch Tuesday, affects the Desktop Window Manager component. This is a compositing window manager that has been part of Windows since Windows Vista. Successf...

7.8CVSS9.5AI score0.05687EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2025/06/09 12:0 a.m.3 views

A Red Teaming Roadmap Towards System-Level Safety

Large Language Model LLM safeguards, which implement request refusals, have become a widely adopted mitigation strategy against misuse. At the intersection of adversarial machine learning and AI safety, safeguard red teaming has effectively identified critical vulnerabilities in state-of-the-art...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2025/06/05 6:50 p.m.416 views

ThinManager Path Traversal (CVE-2023-27856) Arbitrary File Download

This module exploits a path traversal vulnerability CVE-2023-27856 in ThinManager use auxiliary/gather/thinmanagertraversaldownload msf auxiliarythinmanagertraversaldownload show actions ...actions... msf auxiliarythinmanagertraversaldownload set ACTION msf auxiliarythinmanagertraversaldownload...

7.5CVSS7.6AI score0.7613EPSS
Exploits1
Metasploit
Metasploit
added 2025/06/05 6:50 p.m.338 views

ThinManager Path Traversal (CVE-2023-2915) Arbitrary File Delete

This module exploits a path traversal vulnerability CVE-2023-2915 in ThinManager use auxiliary/admin/networking/thinmanagertraversaldelete msf auxiliarythinmanagertraversaldelete show actions ...actions... msf auxiliarythinmanagertraversaldelete set ACTION msf auxiliarythinmanagertraversaldelete...

9.1CVSS7.4AI score0.78093EPSS
Exploits1
NVD
NVD
added 2025/05/30 4:15 p.m.8 views

CVE-2024-13917

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.pri.applock.LockUI“ activity allows any other malicious application, with no granted Android system...

8.3CVSS0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/30 3:17 p.m.18 views

CVE-2024-13917 Intent Injection in Kruger&Matz AppLock application

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.pri.applock.LockUI“ activity allows any other malicious application, with no granted Android system...

8.3CVSS6.5AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/30 3:17 p.m.18 views

CVE-2024-13917 Intent Injection in Kruger&Matz AppLock application

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.pri.applock.LockUI“ activity allows any other malicious application, with no granted Android system...

8.3CVSS0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:27 a.m.11 views

CVE-2024-9154

A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system level on the device. This issue affects Ewon Flexy 205: through 14.8s0 2633...

8.6CVSS7.6AI score0.00602EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:2 a.m.5 views

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

9.8CVSS7.9AI score0.0116EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:9 a.m.5 views

CVE-2023-21370

In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.8AI score0.00092EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:9 a.m.4 views

CVE-2023-21310

In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS7.1AI score0.00096EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.7 views

CVE-2023-20774

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292228; Issue ID: ALPS07292228...

6.7CVSS6.5AI score0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:5 a.m.5 views

CVE-2023-20733

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645149...

6.7CVSS6.7AI score0.00075EPSS
Exploits0References1
Rows per page
Query Builder