Page 32 of 5089 results (0.020 seconds)

CVSS: -EPSS: 0%CPEs: 1EXPL: 0

This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. • https://source.android.com/security/bulletin/2024-11-01 •

CVSS: 8.8EPSS: 0%CPEs: 26EXPL: 0

Windows Graphics Component Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38249 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to escalate privileges via a crafted GET request. • https://github.com/jeecgboot/JimuReport/issues/2904 • CWE-269: Improper Privilege Management •

CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0

An issue in Ellevo v.6.2.0.38160 allows a remote attacker to escalate privileges via the /api/usuario/cadastrodesuplente endpoint. • https://csflabs.github.io/cve/2024/09/06/cve-2024-42759-approval-of-your-own-ticket-with-BFLA.html https://ellevo.com • CWE-592: DEPRECATED: Authentication Bypass Issues •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

A server side request forgery vulnerability allows a low-privileged user to perform local privilege escalation through exploiting an SSRF vulnerability. • https://www.veeam.com/kb4649 • CWE-918: Server-Side Request Forgery (SSRF) •