Page 24 of 3015 results (0.015 seconds)

CVSS: 5.2EPSS: 0%CPEs: 5EXPL: 0

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2024-5915 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

Windows Update Stack Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163 • CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

However, an attacker can escalate privileges from the zimbra user to root, because of improper handling of input arguments. An attacker can execute arbitrary commands with elevated privileges, leading to local privilege escalation. • https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component. • https://gccybermonks.com/posts/defectdojo • CWE-269: Improper Privilege Management •

CVSS: 7.3EPSS: 0%CPEs: 6EXPL: 0

Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. • https://jira.mongodb.org/browse/CDRIVER-5650 https://jira.mongodb.org/browse/PHPC-2369 https://jira.mongodb.org/browse/SERVER-93211 • CWE-284: Improper Access Control •