Page 196 of 5095 results (0.068 seconds)

CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0

NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may lead to escalation of privileges. • https://nvidia.custhelp.com/app/answers/detail/a_id/5491 • CWE-427: Uncontrolled Search Path Element •

CVSS: 9.8EPSS: 3%CPEs: 12EXPL: 1

This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. • https://github.com/rockrid3r/CVE-2023-5178 https://access.redhat.com/errata/RHSA-2023:7370 https://access.redhat.com/errata/RHSA-2023:7379 https://access.redhat.com/errata/RHSA-2023:7418 https://access.redhat.com/errata/RHSA-2023:7548 https://access.redhat.com/errata/RHSA-2023:7549 https://access.redhat.com/errata/RHSA-2023:7551 https://access.redhat.com/errata/RHSA-2023:7554 https://access.redhat.com/errata/RHSA-2023:7557 https://access.redhat.com/errata/RHSA-2023 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0

This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. ... Antes de que el usuario root registre el cliente de insights en el sistema, un usuario local sin privilegios o un atacante podría crear el directorio /var/tmp/insights-client (que posee el directorio con permisos de lectura, escritura y ejecución) en el sistema. • https://access.redhat.com/errata/RHSA-2023:6264 https://access.redhat.com/errata/RHSA-2023:6282 https://access.redhat.com/errata/RHSA-2023:6283 https://access.redhat.com/errata/RHSA-2023:6284 https://access.redhat.com/errata/RHSA-2023:6795 https://access.redhat.com/errata/RHSA-2023:6796 https://access.redhat.com/errata/RHSA-2023:6798 https://access.redhat.com/errata/RHSA-2023:6811 https://access.redhat.com/security/cve/CVE-2023-3972 https://bugzilla.redhat.com/show • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0

Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. ... This vulnerability allows local attackers to escalate privileges on affected installations of Tenable Nessus. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.tenable.com/security/tns-2023-37 https://www.tenable.com/security/tns-2023-38 • CWE-269: Improper Privilege Management •

CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0

This could lead to local escalation of privilege with System execution privileges needed En el servicio de simulación, existe una forma posible de escribir registros de uso de permisos de una aplicación debido a que falta una verificación de permisos. Esto podría llevar a una escalada local de privilegios con permisos de ejecución de System necesarios. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-862: Missing Authorization •