Page 272 of 2984 results (0.044 seconds)

CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. • https://security.paloaltonetworks.com/CVE-2021-3058 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. • https://kc.mcafee.com/corporate/index?page=content&id=SB10374 • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

Windows Feedback Hub Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Feedback Hub This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42280 https://www.zerodayinitiative.com/advisories/ZDI-21-1307 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Diagnostics Hub Standard Collector This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277 https://www.zerodayinitiative.com/advisories/ZDI-21-1306 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0

Windows Installer Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios del instalador de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41379 https://www.zerodayinitiative.com/advisories/ZDI-21-1308 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •