CVE-2024-21886 – Xorg-x11-server: heap buffer overflow in disabledevice
https://notcve.org/view.php?id=CVE-2024-21886
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/errata/RHSA-2024:0320 https://access.redhat.com/errata/RHSA-2024:0557 https://access.redhat.com/errata/RHSA-2024:0558 https://access.redhat.com/errata/RHSA-2024:0597 https://access.redhat.com/errata/RHSA-2024:0607 https://access.redhat.com/errata/RHSA-2024:0614 https://access.redhat.com/errata/RHSA-2024:0617 https://access.redhat.com/errata/RHSA-2024:0621 https://access.redhat.com/errata/RHSA-2024:0626 https://access.redhat.com/errata/RHSA • CWE-122: Heap-based Buffer Overflow •
CVE-2024-0229 – Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
https://notcve.org/view.php?id=CVE-2024-0229
This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. ... This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/errata/RHSA-2024:0320 https://access.redhat.com/errata/RHSA-2024:0557 https://access.redhat.com/errata/RHSA-2024:0558 https://access.redhat.com/errata/RHSA-2024:0597 https://access.redhat.com/errata/RHSA-2024:0607 https://access.redhat.com/errata/RHSA-2024:0614 https://access.redhat.com/errata/RHSA-2024:0617 https://access.redhat.com/errata/RHSA-2024:0621 https://access.redhat.com/errata/RHSA-2024:0626 https://access.redhat.com/errata/RHSA • CWE-788: Access of Memory Location After End of Buffer •
CVE-2024-0507 – Privilege Escalation by Code Injection in the Management Console in GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2024-0507
An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-22428
https://notcve.org/view.php?id=CVE-2024-22428
It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. • https://www.dell.com/support/kbdoc/en-us/000221129/dsa-2024-018-security-update-for-dell-idrac-service-module-for-weak-folder-permission-vulnerabilities • CWE-276: Incorrect Default Permissions •
CVE-2023-51059
https://notcve.org/view.php?id=CVE-2023-51059
An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface. • https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management https://www.mokosmart.com/wp-content/uploads/2019/10/GS-gateway.pdf •