Page 25 of 3547 results (0.031 seconds)

CVSS: 7.0EPSS: %CPEs: -EXPL: 0

This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication. • https://www.ibm.com/support/pages/node/7167245 • CWE-308: Use of Single-factor Authentication •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious .dll file in the respective location. • https://www.cirosec.de/sa/sa-2024-004 • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. • https://www.schutzwerk.com/blog/schutzwerk-sa-2024-001 https://www.vivavis.com/en/solution/scada-en/high-leit https://www.vivavis.com/en/vivavis-high-leit-rce-vulnerability-cve-2024-38456 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. ... An attacker can leverage this vulnerability to escalate privileges execute arbitrary code in the context of the VIP MCU. •