Page 169 of 5093 results (0.028 seconds)

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows Predefined keys in the Microsoft Windows Registry may lead to confused deputy problems and local privilege escalation. • http://packetstormsecurity.com/files/176451/Microsoft-Windows-Registry-Predefined-Keys-Privilege-Escalation.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35633 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

This could allow an attacker to intercept credentials that are sent to the UMC server as well as to manipulate responses, potentially allowing an attacker to escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-077170.pdf • CWE-295: Improper Certificate Validation •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-5620 • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Insufficient permissions on a directory allow any local unprivileged user to escalate privileges to SYSTEM. ... Los permisos insuficientes en un directorio permiten que cualquier usuario local sin privilegios escale privilegios al SYSTEM. • https://github.com/mullvad/mullvadvpn-app/pull/5398 https://github.com/mullvad/mullvadvpn-app/releases/tag/2023.6 https://github.com/mullvad/mullvadvpn-app/releases/tag/2023.6-beta1 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if **all** the following are satisfied: 1. The user runs an application containing either `matplotlib` or `win32com`. 2. The application is ran as administrator (or at least a user with higher privileges than the attacker). 3. • https://github.com/pyinstaller/pyinstaller/pull/7827 https://github.com/pyinstaller/pyinstaller/security/advisories/GHSA-9w2p-rh8c-v9g5 https://github.com/python/cpython/blob/0fb18b02c8ad56299d6a2910be0bab8ad601ef24/Lib/shutil.py#L623 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2K2XIQLEMZIKUQUOWNDYWTEWYQTKMAN7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRWT34FAF23PUOLVZ7RVWBZMWPDR5U7 • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •