Page 273 of 2984 results (0.017 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-537983.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

This can be exploited for local privilege escalation to get full root access. • https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html https://www.mail-archive.com/bug-hurd%40gnu.org/msg32116.html • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1

The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access. • https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html https://www.mail-archive.com/bug-hurd%40gnu.org/msg32114.html • CWE-287: Improper Authentication •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges. • https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02 • CWE-312: Cleartext Storage of Sensitive Information •