Page 17 of 3528 results (0.021 seconds)

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests. • https://fortiguard.fortinet.com/psirt/FG-IR-24-196 • CWE-134: Use of Externally-Controlled Format String •

CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0

This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •

CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0

This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch gdb.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •

CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0

This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vish2.exe from a user-writable directory. • https://cert-portal.siemens.com/productcert/html/ssa-426509.html • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43556 • CWE-416: Use After Free •