Page 24 of 3528 results (0.121 seconds)

CVSS: 7.0EPSS: 0%CPEs: -EXPL: 0

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows • https://support.citrix.com/s/article/CTX691485-citrix-workspace-app-for-windows-security-bulletin-cve20247889-and-cve20247890?language=en_US • CWE-664: Improper Control of a Resource Through its Lifetime •

CVSS: 8.8EPSS: 0%CPEs: 76EXPL: 0

A successful exploit could allow the attacker to elevate privileges to root. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-CrG5vhCq • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0

An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker with admin privileges to escalate their privileges to SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022 • CWE-427: Uncontrolled Search Path Element •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC • CWE-427: Uncontrolled Search Path Element •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

Insufficient server-side controls in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC • CWE-602: Client-Side Enforcement of Server-Side Security •