Lucene search
+L

162 matches found

RedhatCVE
RedhatCVE
•added 2026/03/04 7:44 p.m.•8 views

CVE-2026-3437

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS6AI score0.00159EPSS
Exploits1References1
NVD
NVD
•added 2026/03/03 6:16 p.m.•15 views

CVE-2026-3437

An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS0.00159EPSS
Exploits1References3
Cvelist
Cvelist
•added 2026/03/03 5:44 p.m.•38 views

CVE-2026-3437 Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering Toolkits

An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS0.00159EPSS
Exploits1References3
Vulnrichment
Vulnrichment
•added 2026/03/03 5:44 p.m.•3 views

CVE-2026-3437 Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering Toolkits

An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS6.2AI score0.00159EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
•added 2026/03/03 5:44 p.m.•8 views

CVE-2026-3437

An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS6.2AI score0.00159EPSS
Exploits1References4
CVE
CVE
•added 2026/03/03 5:44 p.m.•30 views

CVE-2026-3437

CVE-2026-3437 affects Portwell Engineering Toolkits (version 4.8.2). The issue is an improper restriction of operations within the bounds of a memory buffer in the Portwell Toolkits driver, enabling a local authenticated attacker to read and write arbitrary memory. Exploitation could lead to priv...

9.3CVSS6.2AI score0.00159EPSS
Exploits1References3Affected Software1
EUVD
EUVD
•added 2026/03/03 5:44 p.m.•9 views

EUVD-2026-9310

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS6AI score0.00159EPSS
Exploits1References1
CNNVD
CNNVD
•added 2026/03/03 12:0 a.m.•7 views

Portwell Engineering Toolkits ē¼“å†²åŒŗé”™čÆÆę¼ę“ž

Portwell Engineering Toolkits is a software development and management toolkit developed by Portwell Company in Singapore. Version 4.8.2 of Portwell Engineering Toolkits contains a buffer error vulnerability. This vulnerability stems from improper restrictions on memory buffer operations, which m...

9.3CVSS6.1AI score0.00159EPSS
Exploits1References2
Positive Technologies
Positive Technologies
•added 2026/03/03 12:0 a.m.•18 views

PT-2026-22767

Name of the Vulnerable Software and Affected Versions Portwell Engineering Toolkits version 4.8.2 Description An improper restriction of operations within the bounds of a memory buffer in the Portwell Engineering Toolkits driver allows a local authenticated attacker to read and write to arbitrary...

9.3CVSS6.1AI score0.00159EPSS
Exploits1References10
Packet Storm
Packet Storm
•added 2026/02/27 12:0 a.m.•189 views

šŸ“„ Xerte Online Toolkits 3.14 Shell Upload

A vulnerability in Xerte Online Toolkits versions 3.14 and earlier allows unauthenticated users to upload arbitrary files via the template import functionality. The issue exists in /websitecode/php/import/import.php. Due to missing authentication checks on the import endpoint, an attacker can...

6.1AI score
Exploits0
Metasploit
Metasploit
•added 2026/02/13 6:59 p.m.•303 views

Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Template Import

This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Specifically, this targets /websitecode/php/import/import.php OPSEC This module results in directories being created and database entries which can not easily b...

9.8CVSS5.8AI score0.01479EPSS
Exploits2
Metasploit
Metasploit
•added 2026/02/13 6:59 p.m.•254 views

Xerte Online Toolkits Arbitrary File Upload - Import Language

This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Module Options msf use exploit/multi/http/xerteunauthenticatedimportlanguage msf exploitxerteunauthenticatedimportlanguage show targets ...targets... msf...

5.5AI score
Exploits0
Packet Storm
Packet Storm
•added 2026/02/13 12:0 a.m.•149 views

šŸ“„ Xerte Online Toolkits 3.14 Import Language Shell Upload

This Metasploit module exploits an authentication bypass allowing arbitrary file upload in Xerte Online Toolkits versions 3.14 of and earlier to upload and execute a shell. This module requires Metasploit: https://metasploit.com/download Current source:...

5.8AI score
Exploits0
Packet Storm
Packet Storm
•added 2026/02/13 12:0 a.m.•192 views

šŸ“„ Xerte Online Toolkits 3.14 Template Import Shell Upload

This Metasploit module exploits an authentication bypass allowing arbitrary file upload in Xerte Online Toolkits versions 3.14 and earlier to upload and execute a shell. Specifically, this targets /websitecode/php/import/import.php. Note: this Metasploit module results in directories being create...

5.8AI score
Exploits0
Packet Storm
Packet Storm
•added 2026/02/13 12:0 a.m.•152 views

šŸ“„ Xerte Online Toolkits 3.14 Upload Image Shell Upload

This Metasploit module exploits the user template file import functions unrestricted file upload in Xerte Online Toolkits versions 3.14 and earlier to upload and execute a shell. This targets editor/uploadImage.php. This has only been tested in implementations where the authentication type is Db...

5.6AI score
Exploits0
Vulnrichment
Vulnrichment
•added 2026/02/10 4:25 p.m.•4 views

CVE-2025-20106

Uncontrolled search path in some software installer for some VTuneTM Profiler software and IntelR oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity...

6.7CVSS5.2AI score0.00128EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/02/10 4:25 p.m.•30 views

CVE-2025-20106

Uncontrolled search path in some software installer for some VTuneTM Profiler software and IntelR oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity...

6.7CVSS0.00128EPSS
Exploits0References1
CNNVD
CNNVD
•added 2026/02/10 12:0 a.m.•7 views

Intel VTune Profiler和Intel oneAPI Toolkits ä»£ē é—®é¢˜ę¼ę“ž

Intel VTune Profiler and Intel oneAPI Toolkits are products of Intel Corporation, a US company. Intel VTune Profiler is a performance testing tool designed to optimize software. This software can be used for performance testing in IoT embedded applications, media software, Java applications, and...

6.7CVSS5.9AI score0.00128EPSS
Exploits0References1
Intel
Intel
•added 2026/02/10 12:0 a.m.•9 views

VTuneā„¢ Profiler Software Advisory

Summary: A potential security vulnerability in some VTuneā„¢ Profiler software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20106 Description: Uncontrolled search path in some software install...

6.7CVSS5.3AI score0.00128EPSS
Exploits0
RedhatCVE
RedhatCVE
•added 2026/01/09 9:29 a.m.•32 views

CVE-2023-29242

Improper access control for IntelR oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.2AI score0.00137EPSS
Exploits0References1
Rows per page
Query Builder