CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/11 7:30 p.m.•6 views

CVE-2026-8320

CVE-2026-8320 affects jishenghua jshERP up to 3.6. The vulnerability is in the getUserByWeixinCode function of jshERP-boot/src/main/java/com/jsh/erp/service/UserService.java within the updatePlatformConfigByKey Endpoint. Manipulating the weixinUrl argument leads to server-side request forgery (SS...

5.8CVSS5.5AI score0.00046EPSS

OSV•added 2026/03/18 12:34 p.m.•2 views

MAL-2026-1641 Malicious code in @uc-platform/user-service-client-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3b540186390d5c469d9b5de607c8d6b64fc0315e70c245ec70c16f1732058cc The package @uc-platform/user-service-client-ts was found to contain malicious code...

5.8AI score

OSSF Malicious Packages•added 2026/03/18 12:34 p.m.•4 views

Malicious code in @uc-platform/user-service-client-ts (npm)

5.8AI score

RedhatCVE•added 2026/01/09 10:47 a.m.•3 views

CVE-2022-31267

Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "admin"' value...

9.8CVSS7.1AI score0.0064EPSS

Exploits1References1

Cvelist•added 2025/11/11 5:59 p.m.•5 views

CVE-2025-60717 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

...

7CVSS0.00039EPSS

Vulnrichment•added 2025/11/11 5:59 p.m.•3 views

CVE-2025-60717 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

...

7CVSS6.6AI score0.00039EPSS

CVE•added 2025/11/11 5:59 p.m.•11 views

CVE-2025-60717

CVE-2025-60717 is a use-after-free vulnerability in Windows Broadcast DVR User Service that allows an authorized user to gain elevated privileges locally. The connected sources (NVD, CVE lists, and EU/NCSc advisories) corroborate the affected component and privilege-elevation impact, with no publ...

Exploits0References1Affected Software9

Cvelist•added 2025/11/11 5:59 p.m.•3 views

CVE-2025-59515 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

...

7CVSS0.00039EPSS

CVE•added 2025/11/11 5:59 p.m.•7 views

CVE-2025-59515

CVE-2025-59515 is a use-after-free vulnerability in Windows Broadcast DVR User Service that enables local privilege escalation for an authorized attacker. The NVD/NCSC entries confirm the impact as elevated rights locally, with CVSS v3.1 base score 7.0 (HIGH) and LOCAL/LOW privileges required, no...

Exploits0References1Affected Software9

Vulnrichment•added 2025/11/11 5:59 p.m.•3 views

CVE-2025-59515 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

...

7CVSS6.6AI score0.00039EPSS

EUVD•added 2025/11/11 5:59 p.m.•3 views

EUVD-2025-93418

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally...

Microsoft CVE•added 2025/11/11 8:0 a.m.•3 views

Exploits0References2

Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally...

7CVSS5.6AI score0.00039EPSS

Microsoft CVE•added 2025/11/11 8:0 a.m.•2 views

Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally...

7CVSS5.6AI score0.00039EPSS

CNNVD•added 2025/11/11 12:0 a.m.•3 views

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. A resource management error vulnerability exists in Microsoft Windows Broadcast DVR User Service. An attacker could exploit the vulnerability to elevate privileges. The following products and...

7CVSS5.2AI score0.00039EPSS

Positive Technologies•added 2025/11/11 12:0 a.m.•4 views

PT-2025-46478

Name of the Vulnerable Software and Affected Versions Windows Broadcast DVR User Service affected versions not specified Description A use after free condition exists in the Windows Broadcast DVR User Service. This allows an authorized attacker to gain elevated privileges on a local system...

Positive Technologies•added 2025/11/11 12:0 a.m.•3 views

PT-2025-46465

Name of the Vulnerable Software and Affected Versions Windows Broadcast DVR User Service affected versions not specified Description A use-after-free condition exists in the Windows Broadcast DVR User Service. This allows an authorized attacker to gain elevated privileges on a local system...

RedhatCVE•added 2025/10/15 5:44 p.m.•2 views

CVE-2025-55684

Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00045EPSS

RedhatCVE•added 2025/10/15 5:44 p.m.•2 views

CVE-2025-55686

Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally...

7CVSS7.1AI score0.00045EPSS