Page 452 of 45886 results (0.119 seconds)

CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0

An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Search service. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30033 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0

An app may be able to execute arbitrary code with kernel privileges. • http://seclists.org/fulldisclosure/2024/May/12 https://support.apple.com/en-us/HT214106 https://support.apple.com/kb/HT214106 • CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 8.1EPSS: 0%CPEs: -EXPL: 1

An app may be able to execute arbitrary code with kernel privileges. • https://github.com/R00tkitSMM/CVE-2024-27804 http://seclists.org/fulldisclosure/2024/May/10 http://seclists.org/fulldisclosure/2024/May/12 http://seclists.org/fulldisclosure/2024/May/16 http://seclists.org/fulldisclosure/2024/May/17 https://support.apple.com/en-us/HT214101 https://support.apple.com/en-us/HT214102 https://support.apple.com/en-us/HT214104 https://support.apple.com/en-us/HT214106 https://support.apple.com/kb/HT214101 https://support.apple.com/kb/ • CWE-1325: Improperly Controlled Sequential Memory Allocation •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

Processing a file may lead to unexpected app termination or arbitrary code execution. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. • http://seclists.org/fulldisclosure/2024/May/12 https://support.apple.com/en-us/HT214106 https://support.apple.com/kb/HT214106 • CWE-788: Access of Memory Location After End of Buffer •

CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0

An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. • http://seclists.org/fulldisclosure/2024/May/12 https://support.apple.com/en-us/HT214106 https://support.apple.com/kb/HT214106 •