Page 26 of 7991 results (0.228 seconds)

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

20 Dec 2024 — Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows authenticated attackers to escalate privileges. • https://medium.com/@hamzanadeem1337/unauthorized-full-vertical-privilege-escalation-in-digiteam-sales-gamification-portal-version-4-21-0-c3e3282e9053 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 1

19 Dec 2024 — The manipulation leads to improper privilege management. ... Durch das Manipulieren mit unbekannten Daten kann eine improper privilege management-Schwachstelle ausgenutzt werden. • https://winslow1984.com/books/cve-collection/page/adobe-downloader-131-local-privilege-escalation • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •

CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0

19 Dec 2024 — The construction involves building the tables in local memory, which are then copied into guest memory. The construction involves building the tables in local memory, which are then copied into guest memory. ... The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prior contents. Multiple vulnerabilities ha... • https://xenbits.xenproject.org/xsa/advisory-464.html • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

19 Dec 2024 — Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. ... An attacker can leverage this to escalate privileges to resources normally protected from the user. ... • https://www.zerodayinitiative.com/advisories/ZDI-24-1720 • CWE-863: Incorrect Authorization •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

18 Dec 2024 — This could lead to local escalation of privilege with no additional execution privileges needed. ... This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-11-01 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

18 Dec 2024 — An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component. • https://github.com/CV1523/CVEs/blob/main/CVE-2024-55505.md •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

16 Dec 2024 — An improper validation vulnerability was reported in the firmware update mechanism of LADM and LDCC that could allow a local attacker to escalate privileges. • https://support.lenovo.co/us/en/product_security/LEN-174319 • CWE-295: Improper Certificate Validation •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

14 Dec 2024 — IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. • https://www.ibm.com/support/pages/node/7178098 • CWE-250: Execution with Unnecessary Privileges •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

12 Dec 2024 — Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the conte... • https://cdn.wacom.com/u/productsupport/drivers/win/professional/releasenotes/Windows_6.4.8-2.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

11 Dec 2024 — Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Application-Control-CVE-2024-11598 • CWE-276: Incorrect Default Permissions •