Page 133 of 3552 results (0.038 seconds)

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5.1.2 may allow an authenticated attacker to escalate his privileges via HTTP or HTTPs requests with crafted JWT token values. • https://fortiguard.com/psirt/FG-IR-23-061 • CWE-287: Improper Authentication •

CVSS: 7.6EPSS: 0%CPEs: 17EXPL: 0

An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of root. • http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/errata/RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0017 https://access.redhat.com& • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 16%CPEs: 17EXPL: 0

This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. ... This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • http://www.openwall.com/lists/oss-security/2023/12/13/1 https://access.redhat.com/errata/RHSA-2023:7886 https://access.redhat.com/errata/RHSA-2024:0006 https://access.redhat.com/errata/RHSA-2024:0009 https://access.redhat.com/errata/RHSA-2024:0010 https://access.redhat.com/errata/RHSA-2024:0014 https://access.redhat.com/errata/RHSA-2024:0015 https://access.redhat.com/errata/RHSA-2024:0016 https://access.redhat.com/errata/RHSA-2024:0017 https://access.redhat.com& • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-23-1773 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows Predefined keys in the Microsoft Windows Registry may lead to confused deputy problems and local privilege escalation. • http://packetstormsecurity.com/files/176451/Microsoft-Windows-Registry-Predefined-Keys-Privilege-Escalation.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35633 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •