CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

109 matches found

NVD•added 2026/04/29 3:16 p.m.•2 views

CVE-2026-41220

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212, Acronis Cyber Protect Cloud Agent Windows before build 42183...

7.8CVSS0.00018EPSS

Exploits0References1

OSV•added 2026/02/23 8:28 p.m.•1 views

CVE-2025-63945

A privilege escalation PE vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition...

7.4CVSS6AI score0.00036EPSS

Exploits2References2

Positive Technologies•added 2026/02/23 12:0 a.m.•1 views

PT-2026-21541

Name of the Vulnerable Software and Affected Versions Tencent iOA versions through 210.9.28693.621001 Description A privilege escalation issue exists in the Tencent iOA app on Windows devices. A local user can execute programs with elevated privileges by exploiting a race condition. Recommendatio...

7.4CVSS5.3AI score0.00036EPSS

Exploits2References6

CVE•added 2026/02/23 12:0 a.m.•6 views

CVE-2025-63945

CVE-2025-63945 is a privilege-escalation vulnerability in the Tencent iOA app for Windows up to version 210.9.28693.621001. The issue is a race-condition at local privilege escalation time, allowing a non-privileged user to execute programs with SYSTEM-like privileges under certain conditions. Pu...

7.4CVSS5.8AI score0.00036EPSS

Exploits2References2Affected Software1

The Hacker News•added 2025/11/10 8:29 p.m.•5 views

Konni Hackers Turn Google's Find Hub into a Remote Data-Wiping Weapon

The North Korea-affiliated threat actor known as Konni aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control. "Attackers impersonated psychological counselors and North Korean...

6.8AI score

Exploits0

The Hacker News•added 2025/10/10 2:25 p.m.•2 views

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application SEA feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source...

7.3AI score

Exploits0