Page 3 of 7884 results (0.024 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

01 Feb 2025 — A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege. • https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities • CWE-1220: Insufficient Granularity of Access Control •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7842 • CWE-426: Untrusted Search Path •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7841 • CWE-426: Untrusted Search Path •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7839 • CWE-426: Untrusted Search Path •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

31 Jan 2025 — Local privilege escalation due to DLL hijacking vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7829 • CWE-426: Untrusted Search Path •

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0

31 Jan 2025 — Local privilege escalation due to unquoted search path vulnerability. • https://security-advisory.acronis.com/advisories/SEC-6153 • CWE-428: Unquoted Search Path or Element •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0

31 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardware device from the system. ... To avoid this issue, add a check for local->interfaces before deleting sdata list. To avoid this issue, add a check for local->interfaces before deleting sdata list. • https://git.kernel.org/stable/c/0d11dc30edfc4acef0acef130bb5ca596317190a •

CVSS: 4.6EPSS: 0%CPEs: -EXPL: 0

30 Jan 2025 — Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local access. • https://www.zoom.com/en/trust/security-bulletin/zsb-25004 • CWE-426: Untrusted Search Path •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

30 Jan 2025 — Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. • https://www.incibe.es/en/incibe-cert/notices/aviso/wondershare-drfone-privilege-scalation-vulnerability • CWE-269: Improper Privilege Management •

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

29 Jan 2025 — The OCSP response cache uses pickle as the serialization format, potentially leading to local privilege escalation. • https://github.com/snowflakedb/snowflake-connector-python/commit/3769b43822357c3874c40f5e74068458c2dc79af • CWE-502: Deserialization of Untrusted Data •