Page 12 of 3049 results (0.056 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/en-US/solution/KA-0017997 https://www.zerodayinitiative.com/advisories/ZDI-24-1419 •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. • https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45710 • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-863: Incorrect Authorization •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the current user on the host system. • https://www.oracle.com/security-alerts/cpuoct2024.html •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges. • https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/264 • CWE-352: Cross-Site Request Forgery (CSRF) •