Page 20 of 3543 results (0.149 seconds)

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7218 • CWE-427: Uncontrolled Search Path Element •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7188 • CWE-427: Uncontrolled Search Path Element •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell. • https://support.lenovo.com/us/en/product_security/LEN-165524 • CWE-489: Active Debug Code •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device. • https://community.ui.com/releases/Security-Advisory-Bulletin-042-042/c4f68b56-cdc4-4128-b2cb-5870209d1704 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

It permits an attacker with granted emergency access to escalate their privileges by changing the access level and modifying the wait time. • https://github.com/dani-garcia/vaultwarden/blob/1.30.3/src/api/core/emergency_access.rs#L115-L148 https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.0 https://www.mgm-sp.com/cve/missing-authentication-check-for-emergency-access • CWE-269: Improper Privilege Management •