
25 matches found

Debian CVE
added 5 days ago, 3 views

CVE-2026-14018

Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...

CVSS 7.8, AI score 5.8, EPSS 0.00104
Exploits: 0

CVE
added 5 days ago, 10 views

CVE-2026-13844

CVE-2026-13844 describes a use-after-free flaw in the Google Chrome Updater on Windows, before version 150.0.7871.47, enabling a local attacker to achieve OS-level privilege escalation via a malicious file. Affected software: Google Chrome and its Updater components on Windows. Root cause: use-af...

CVSS 7.8, AI score 5.8, EPSS 0.00109
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 5 days ago, 4 views

PT-2026-54104

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 150.0.7871.47. Description: A use after free issue exists in the Updater component of Google Chrome on Mac. This flaw allows a local attacker to achieve privilege escalation by utilizing a malicious file. Use afte...

CVSS 7.8, AI score 5.9, EPSS 0.00109
Exploits: 0, References: 5

RedhatCVE
added 2026/01/09 8:46 a.m., 10 views

CVE-2025-23114

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate...

CVSS 9, AI score 7.7, EPSS 0.00626
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 8:33 a.m., 13 views

CVE-2024-39698

electron-updater allows for automatic updates for Electron apps. The file packages/electron-updater/src/windowsExecutableCodeSignatureVerifier.ts implements the signature validation routine for Electron applications on Windows. Because of the surrounding shell, a first pass by cmd.exe expands any...

CVSS 7.5, AI score 7.1, EPSS 0.00336
Exploits: 1, References: 1

Tenable Nessus
added 2025/12/02 12:0 a.m., 3 views

Google Chrome < 143.0.7499.40 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 143.0.7499.40. It is, therefore, affected by multiple vulnerabilities as referenced in the 202512stable-channel-update-for-desktop advisory. - Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41...

CVSS 8.8, AI score 6.1, EPSS 0.00393
Exploits: 0, References: 27

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2016-6204

Malware in sbrugna...

CVSS 4.7, AI score 7.3, EPSS 0.00245
Exploits: 0, References: 7

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2023-53943

Malicious code in bioql PyPI...

CVSS 6.5, AI score 7.8, EPSS 0.00581
Exploits: 0, References: 4

NVD
added 2025/02/05 2:15 a.m., 19 views

CVE-2025-23114

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate...

CVSS 9, EPSS 0.00626
Exploits: 0, References: 1

Cvelist
added 2025/02/05 1:45 a.m., 20 views

CVE-2025-23114

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate...

CVSS 9, EPSS 0.00626
Exploits: 0, References: 1

BDU FSTEC
added 2024/09/30 12:0 a.m., 7 views

The vulnerability of the Updater component of the Google Chrome browser, which allows a hacker to escalate their privileges.

The vulnerability of the Updater component in Google Chrome relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending a specially crafted malicious file...

CVSS 9, AI score 5.4, EPSS 0.00355
Exploits: 1, References: 4, Affected Software: 2

NVD
added 2024/05/14 3:12 p.m., 41 views

CVE-2024-27460

A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below...

CVSS 6.7, AI score 6.8, EPSS 0.01673
Exploits: 4, References: 1

CVE
added 2024/05/10 8:23 p.m., 82 views

CVE-2024-27460

CVE-2024-27460 affects HP Plantronics Hub up to version 3.25.1, including the updater component. The Red Hat/NVD entries confirm a privilege-escalation vulnerability in the Plantronics Hub updater that can be triggered by a low-privileged user. Public PoCs and exploit listings describe an Arbitra...

CVSS 6.7, AI score 7, EPSS 0.01673
Exploits: 4, References: 1, Affected Software: 1

NVD
added 2024/01/23 9:15 p.m., 13 views

CVE-2023-52094

An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute...

CVSS 7.8, AI score 7.8, EPSS 0.00311
Exploits: 0, References: 2

BDU FSTEC
added 2023/12/25 12:0 a.m., 4 views

The vulnerability of the Updater service in Parallels Desktop hypervisor allows a hacker to execute arbitrary code and increase their privileges.

The vulnerability of the Updater service in Parallels Desktop operates due to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to elevate privileges and execute arbitrary code within the root context...

CVSS 7.8, AI score 7.6, EPSS 0.00686
Exploits: 1, References: 4

SUSE CVE
added 2023/02/15 5:1 a.m., 3 views

SUSE CVE-2016-5293

When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox E...

CVSS 5.5, AI score 6.1, EPSS 0.00336
Exploits: 0, References: 6

OSV
added 2022/05/23 6:16 p.m., 7 views

CVE-2022-28944

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network...

CVSS 8.8, AI score 6.7, EPSS 0.01689
Exploits: 2, References: 3

Prion
added 2022/05/23 6:16 p.m., 18 views

Remote code execution

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network...

CVSS 6.8, AI score 9.2, EPSS 0.01689
Exploits: 2, References: 3, Affected Software: 8

OSV
added 2020/01/08 10:15 p.m., 3 views

CVE-2019-17009

When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. Note: This attack requires local system access and only affects Windows. Other...

CVSS 7.8, AI score 7.1, EPSS 0.00333
Exploits: 0, References: 6

CNVD
added 2018/02/01 12:0 a.m., 1 views

Haystack Arq for Mac Local Elevation of Privilege Vulnerability

Haystack Arq for Mac is a Mac-based file backup software from Haystack Software, USA. auto-updater binary is one of the auto-updater components. A security vulnerability exists in the arqupdater binary in Haystack Arq 5.10 and earlier versions for Mac. A local attacker can exploit the vulnerabili...

CVSS 7.8, AI score 6.9, EPSS 0.01009
Exploits: 3, References: 1