Page 265 of 2984 results (0.013 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1360 • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1360 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device. • https://us-cert.cisa.gov/ics/advisories/icsa-21-147-03 • CWE-269: Improper Privilege Management CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Improper Access Control in Thales Sentinel Protection Installer could allow a local user to escalate privileges. • https://cpl.thalesgroup.com/fr/software-monetization/security-updates • CWE-284: Improper Access Control •

CVSS: 8.8EPSS: 3%CPEs: 4EXPL: 0

Un atacante con bajos privilegios de usuario puede robar los hashes de las contraseñas y la información de las sales de las contraseñas This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. ... An attacker can leverage this vulnerability to escalate privileges to the level of an application administrator. • https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-3 https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35234 https://www.zerodayinitiative.com/advisories/ZDI-21-1596 https://www.zerodayinitiative.com/advisories/ZDI-21-1597 https://www.zerodayinitiative.com/advisories/ZDI-21-1598 https://www.zerodayinitiative.com/advisories/ZDI-21-1599 https://www.ze • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •