Page 128 of 5110 results (0.051 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files. Una validación de entrada incorrecta en Qualcom plctool permite a un atacante local con privilegios bajos obtener acceso de root cambiando la propiedad de archivos específicos. This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 devices. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-20: Improper Input Validation •

CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0

An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service. Un atacante local no autenticado puede realizar una escalada de privilegios debido a una validación de entrada incorrecta en el servicio del agente OCPP. This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 charging controllers. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-20: Improper Input Validation •

CVSS: 4.8EPSS: 0%CPEs: -EXPL: 1

HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted payload to the english.php component. • https://github.com/hackervegas001/CVE-2024-26521 https://github.com/capture0x/Phoenix • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2024-03-01 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

This could lead to local escalation of privilege with no additional execution privileges needed. ... Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2024-03-01 • CWE-269: Improper Privilege Management •