Page 144 of 5089 results (0.050 seconds)

CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0

This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether. ... Esta falla permite que un atacante sin privilegios manipule una instancia en ejecución, alterando potencialmente a los reenviadores, permitiéndoles rastrear todas las consultas enviadas por el solucionador local y, en algunos casos, interrumpiendo la resolución por completo. • https://access.redhat.com/errata/RHSA-2024:1750 https://access.redhat.com/errata/RHSA-2024:1751 https://access.redhat.com/errata/RHSA-2024:1780 https://access.redhat.com/errata/RHSA-2024:1801 https://access.redhat.com/errata/RHSA-2024:1802 https://access.redhat.com/errata/RHSA-2024:1804 https://access.redhat.com/errata/RHSA-2024:2587 https://access.redhat.com/errata/RHSA-2024:2696 https://access.redhat.com/security/cve/CVE-2024-1488 https://bugzilla.redhat.com/show • CWE-15: External Control of System or Configuration Setting •

CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. La vulnerabilidad de escalada de privilegios local potencialmente permitió a un atacante hacer un mal uso de las operaciones de archivos de ESET para eliminar archivos sin tener el permiso adecuado. This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed • CWE-269: Improper Privilege Management •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023 La versión del archivo ejecutable del instalador de Dell SupportAssist para PC domésticas anterior a 3.13.2.19 utilizado para la instalación inicial tiene una alta vulnerabilidad que puede resultar en una escalada de privilegios local (LPE). Esta vulnerabilidad solo afecta a las instalaciones realizadas por primera vez antes del 8 de marzo de 2023. • https://www.dell.com/support/kbdoc/en-us/000211410/dell-supportassist-for-home-pcs-security-update-for-installer-executable-file-for-local-privilege-escalation-lpe-vulnerability • CWE-269: Improper Privilege Management •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Cross Site Scripting (XSS) vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the users.php component. • https://www.lmgsecurity.com/news/critical-software-vulnerabilities-impacting-credit-unions-discovered-by-lmg-security-researcher-immediate-action-recommended • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Blind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component. • https://www.lmgsecurity.com/news/critical-software-vulnerabilities-impacting-credit-unions-discovered-by-lmg-security-researcher-immediate-action-recommended • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •