CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/19 2:42 p.m.•6 views

CVE-2026-5804

ATTACKERKB•added 2026/05/19 2:42 p.m.•9 views

CVE-2026-5804

CNNVD•added 2026/05/19 12:0 a.m.•8 views

Exploits0References2

Motorola Factory Test 安全漏洞

Motorola Factory Test is a mobile device hardware testing and production testing tool developed by the American company Motorola. Motorola Factory Test contains a security vulnerability. This vulnerability stems from the use of references to writable file descriptors in applications, which may...

Positive Technologies•added 2026/05/19 12:0 a.m.•14 views

PT-2026-41947

CNNVD•added 2026/04/08 12:0 a.m.•5 views

Exploits0References2

Red Hat Process Automation Manager 安全漏洞

Red Hat Process Automation Manager is a process automation manager developed by the American company Red Hat. This product supports functions such as business process management, business rule management, business resource optimization, and complex event handling. There is a security vulnerabilit...

6.4CVSS5.8AI score0.00145EPSS

Exploits0References2

ATTACKERKB•added 2026/03/11 9:30 p.m.•3 views

CVE-2026-32128

FastGPT is an AI Agent building platform. In 4.14.7 and earlier, FastGPT's Python Sandbox fastgpt-sandbox includes guardrails intended to prevent file writes static detection + seccomp. These guardrails are bypassable by remapping stdout fd 1 to an arbitrary writable file descriptor using fcntl...

6.3CVSS5.9AI score0.00296EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2026/03/11 12:0 a.m.•5 views

PT-2026-24852

6.3CVSS5.9AI score0.00296EPSS

Exploits1References3

RedhatCVE•added 2026/03/06 7:52 a.m.•3 views

CVE-2026-29126

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

8.5CVSS6AI score0.00142EPSS

EUVD•added 2026/03/05 3:31 a.m.•4 views

EUVD-2026-9518

NVD•added 2026/03/05 2:16 a.m.•7 views

Exploits1References2

CVE-2026-29126

8.5CVSS0.00142EPSS

ATTACKERKB•added 2026/03/05 1:51 a.m.•6 views

CVE-2026-29126

Vulnrichment•added 2026/03/05 1:51 a.m.•2 views

Exploits1References2

CVE-2026-29126 World-Writable, Root Owned/Run `/etc/udhcpc/default.script` in IDC SFX2100 Satellite Receiver Leads To Potential LPE

CVE•added 2026/03/05 1:51 a.m.•17 views

CVE-2026-29126

The CVE describes an issue in the International Data Casting (IDC) SFX2100 Satellite Receiver where a root-owned, world-writable /etc/udhcpc/default.script can be modified by a local unprivileged attacker. The script is executed on DHCP lease events, enabling local privilege escalation and persis...

Exploits1References1Affected Software1

Cvelist•added 2026/03/05 1:38 a.m.•28 views

CVE-2026-29125 IDC SFX2100 Satellite Receiver allows unprivileged modification of DNS configuration due to world-writable `/etc/resolv.conf`

IDC SFX2100 Satalite Recievers set the /etc/resolv.conf file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service...

7.1CVSS0.00106EPSS

Positive Technologies•added 2026/03/05 12:0 a.m.•8 views

PT-2026-23122

Name of the Vulnerable Software and Affected Versions IDC SFX2100 Satellite Receiver affected versions not specified Description A misconfiguration involving incorrect permission assignment of a world-writable file, specifically /etc/udhcpc/default.script, exists. This allows a local, unprivilege...

8.5CVSS6AI score0.00142EPSS

Exploits1References7

Cvelist•added 2026/01/22 9:24 a.m.•28 views

CVE-2026-1225 Malicious logback.xml configuration file allows instantiation of arbitrary classes

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

1.8CVSS0.00151EPSS

RedhatCVE•added 2025/12/17 11:3 p.m.•2 views

CVE-2025-34288

Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a...

8.6CVSS7.7AI score0.01763EPSS