Page 33 of 3049 results (0.021 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34. • https://support.catonetworks.com/hc/en-us/articles/19762641007133-CVE-2024-6974-Windows-SDP-Client-Local-Privilege-Escalation-via-self-upgrade • CWE-276: Incorrect Default Permissions CWE-426: Untrusted Search Path •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31202 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the getCacheFileName function in file.go file • https://gist.github.com/nyxfqq/a5a2fc5147a1b34538e1ac05a3e56910 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-328: Use of Weak Hash •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file • https://gist.github.com/nyxfqq/b53b0148b9aa040de63f58a68fd11445 • CWE-599: Missing Validation of OpenSSL Certificate •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-1036 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •