Page 13 of 3554 results (0.029 seconds)

CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows local attackers to escalate privileges on affected installations of QEMU. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://access.redhat.com/security/cve/CVE-2024-6519 https://bugzilla.redhat.com/show_bug.cgi?id=2292089 https://www.zerodayinitiative.com/advisories/ZDI-24-1382 • CWE-416: Use After Free •

CVSS: 6.6EPSS: 0%CPEs: -EXPL: 0

RCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system. • http://zoneminder.com https://medium.com/%40dk50u1/rce-remote-code-execution-in-zoneminder-up-to-1-36-33-0686f5bcd370 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for authenticated attackers, with subscriber-level access and above, to escalate their privileges to that of an administrator. • https://patchstack.com/database/vulnerability/rs-members/wordpress-rs-members-plugin-1-0-3-privilege-escalation-vulnerability?_s_id=cve • CWE-266: Incorrect Privilege Assignment •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page. • https://daly.wtf/multiple-vulnerabilities-discovered-in-automatic-systems-software •

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php component. • https://daly.wtf/multiple-vulnerabilities-discovered-in-automatic-systems-software •