9 matches found
CVE-2025-36186
IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) under specific configurations could allow a local user to execute malicious code that escalates their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...
Design/Logic Flaw
A vulnerability has been identified in Siveillance Control (All versions >= V2.8 < V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only ha...
Insecure Defaults
github.com/cri-o/cri-o is vulnerable to insecure defaults. The vulnerability exists because its containers were incorrectly started with non-empty inheritable Linux process capabilities, allowing an unprivileged user to gain inheritable file capabilities up to the container's bounding set...
CVE-2015-4027
CVE-2015-4027 affects Acunetix Web Vulnerability Scanner (WVS) 10, specifically the AcuWVSSchedulerv10 service. The bug enables a local user to escalate privileges by manipulating a command parameter in the reporttemplate property within a params JSON object passed to api/addScan. This is a local...
CVE-2015-7707
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp...
CVE-2009-2344
The web-based management interfaces in Sourcefire Defense Center DC and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components...
Debian DSA-1450-1 : util-linux - programming error
It was discovered that util-linux, miscellaneous system utilities, didn't drop privileged user and group permissions in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges.
Code injection
MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER...
CVE-1999-1320
Technical details about CVE-1999-1320 are not publicly provided in the supplied documents. No affected products, root cause, or fixes are described here. Monitor for updates.