Page 123 of 5095 results (0.017 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges. • https://www.tenable.com/security/tns-2024-05 • CWE-269: Improper Privilege Management •

CVSS: -EPSS: 0%CPEs: -EXPL: 2

SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the tb_login parameter in admin login page. • https://github.com/thetrueartist/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227 https://github.com/thetrueartist/ABO.CMS-Login-SQLi-CVE-2024-25227 https://thetrueartist.wixsite.com/cveblog/post/understanding-the-potential-impact-of-cve-2024-25227-what-you-need-to-know-and-how-it-was-discovered •

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. La falla del mecanismo de protección en algunos procesadores Intel(R) Xeon(R) de tercera y cuarta generación cuando se utiliza Intel(R) SGX o Intel(R) TDX puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local. ... This issue may allow a malicious actor to achieve local privilege escalation when using Intel SGX or Intel TDX features. • https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html https://security.netapp.com/advisory/ntap-20240405-0006 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html https://access.redhat.com/security/cve/CVE-2023-22655 https://bugzilla.redhat.com/show_bug.cgi?id=2270698 • CWE-693: Protection Mechanism Failure •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

Checkmk Agent versions 2.0.0, 2.1.0, and 2.2.0 suffer from a local privilege escalation vulnerability. •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

SQL injection vulnerability in FME Modules quickproducttable module for PrestaShop v.1.2.1 and before, allows a remote attacker to escalate privileges and obtain information via the readCsv(), displayAjaxProductChangeAttr, displayAjaxProductAddToCart, getSearchProducts, and displayAjaxProductSku methods. • https://security.friendsofpresta.org/modules/2024/03/12/quickproducttable.html • CWE-269: Improper Privilege Management •