Lucene search
+L

24 matches found

osv
osv
added 2026/06/16 3:18 p.m.8 views

PSF-2026-28

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.4AI score0.00136EPSS
Exploits0References7
redhatcve
redhatcve
added 2026/02/25 10:16 a.m.7 views

CVE-2025-40539

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS6AI score0.00445EPSS
Exploits0References1
nvd
nvd
added 2026/02/24 8:16 a.m.11 views

CVE-2025-40540

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS0.00445EPSS
Exploits0References2
nvd
nvd
added 2026/02/24 8:16 a.m.15 views

CVE-2025-40541

An Insecure Direct Object Reference IDOR vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because...

9.1CVSS0.0057EPSS
Exploits0References2
nvd
nvd
added 2026/02/24 8:16 a.m.5 views

CVE-2025-40539

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS0.00445EPSS
Exploits0References2
euvd
euvd
added 2026/02/24 7:41 a.m.8 views

EUVD-2025-207543

An Insecure Direct Object Reference IDOR vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because...

9.1CVSS5.7AI score0.0057EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/24 7:41 a.m.9 views

CVE-2025-40541 SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability

An Insecure Direct Object Reference IDOR vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because...

9.1CVSS5.7AI score0.0057EPSS
Exploits0References2
cve
cve
added 2026/02/24 7:41 a.m.30 views

CVE-2025-40541

The CVE-2025-40541 entry describes an Insecure Direct Object Reference (IDOR) vulnerability in SolarWinds Serv-U. The issue allows an attacker to execute native code as a privileged account, requiring administrative privileges to exploit. On Windows deployments, risk is noted as medium because se...

9.1CVSS5.7AI score0.0057EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/02/24 7:41 a.m.10 views

EUVD-2025-207544

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS6AI score0.00445EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/02/24 7:40 a.m.5 views

CVE-2025-40539

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...

9.1CVSS6AI score0.00445EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/02/24 7:40 a.m.36 views

CVE-2025-40538

CVE-2025-40538 affects SolarWinds Serv-U; it describes a broken access control vulnerability that, if abused, enables a malicious actor with domain/admin privileges to create a system administrator account and execute arbitrary code with privileged access. Impact per sources: high/critical across...

9.1CVSS6AI score0.00496EPSS
Exploits0References2Affected Software1
redhatcve
redhatcve
added 2025/11/19 9:9 a.m.6 views

CVE-2025-40548

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under...

9.1CVSS6.9AI score0.00659EPSS
Exploits0References1
nvd
nvd
added 2025/11/18 9:15 a.m.4 views

CVE-2025-40548

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under...

9.1CVSS0.00659EPSS
Exploits0References2
osv
osv
added 2025/11/18 9:15 a.m.9 views

CVE-2025-40548

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under...

9.1CVSS5.9AI score0.00659EPSS
Exploits0References2
nvd
nvd
added 2025/11/18 9:15 a.m.6 views

CVE-2025-40547

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run...

9.1CVSS0.00836EPSS
Exploits1References2
cvelist
cvelist
added 2025/11/18 8:38 a.m.13 views

CVE-2025-40548 SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under...

9.1CVSS0.00659EPSS
Exploits0References2
euvd
euvd
added 2025/11/18 8:38 a.m.6 views

EUVD-2025-197929

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under...

9.1CVSS6.5AI score0.00659EPSS
Exploits0References3
euvd
euvd
added 2025/11/18 8:35 a.m.5 views

EUVD-2025-197930

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run...

9.1CVSS6.5AI score0.00836EPSS
Exploits1References3
cvelist
cvelist
added 2025/11/18 8:35 a.m.16 views

CVE-2025-40547 SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run...

9.1CVSS0.00836EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-5385

Malware in sbrugna...

8.8CVSS8.6AI score0.024EPSS
Exploits0References13
Rows per page
Query Builder