Page 101 of 3547 results (0.023 seconds)

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011, allows remote attackers to escalate privileges and bypass authentication via incorrect access control in the web management portal. • https://github.com/n0obit4/Vulnerability_Disclosure/tree/main/CVE-2023-49340 • CWE-287: Improper Authentication CWE-1390: Weak Authentication •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. • https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2 https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r • CWE-284: Improper Access Control •

CVSS: 5.4EPSS: 0%CPEs: -EXPL: 1

Cross Site Scripting vulnerability in Customer Support System v.1.0 allows a remote attacker to escalate privileges via a crafted script firstname, "lastname", "middlename", "contact" and address parameters. • https://github.com/geraldoalcantara/CVE-2023-51281 https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component. • http://cute.com https://github.com/GZLDL/CVE/blob/main/CVE-2024-26566/CVE-2024-26566%20English.md https://github.com/GZLDL/CVE/tree/main/Cute%20Http%20File%20Server%20JWT • CWE-288: Authentication Bypass Using an Alternate Path or Channel •

CVSS: 9.1EPSS: 0%CPEs: -EXPL: 0

An issue was discovered in Lustre versions 2.13.x, 2.14.x, and 2.15.x before 2.15.4, allows attackers to escalate privileges and obtain sensitive information via Incorrect Access Control. • http://lists.lustre.org/pipermail/lustre-announce-lustre.org/2024/000270.html http://www.openwall.com/lists/oss-security/2024/03/12/2 • CWE-284: Improper Access Control •