Page 40 of 3490 results (0.061 seconds)

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

Cross Site Request Forgery vulnerability in Spina CMS v.2.18.0 and before allows a remote attacker to escalate privileges via a crafted URL Vulnerabilidad de falsificación de solicitudes entre sitios en Spina CMS v.2.18.0 y anteriores permite a un atacante remoto escalar privilegios a través de una URL manipulada • https://github.com/topsky979/Security-Collections/tree/main/CVE-2024-41602 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. • https://www.dell.com/support/kbdoc/en-us/000227051/dsa-2024-239-security-update-dell-ecs-3-8-1-1-for-multiple-security-vulnerabilities • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Local privilege escalation due to OS command injection vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7035 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0

An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpujul2024.html •

CVSS: 9.3EPSS: 0%CPEs: -EXPL: 0

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component. • https://coldwx.github.io/CVE-2024-40505.html https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10266 • CWE-35: Path Traversal: '.../ •