Page 48 of 3532 results (0.076 seconds)

CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0

Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate privileges to SuperAdmin via a crafted PUT HTTP request, potentially leading to unauthorized access to sensitive system functions and data. • https://github.com/yugabyte/yugabyte-db/commit/03b193de40b79329439bb9968a7d27a1cc57d662 https://github.com/yugabyte/yugabyte-db/commit/68f01680c565be2a370cfb7734a1b3721d6778bb • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

Cross Site Request Forgery vulnerability in Spina CMS v.2.18.0 and before allows a remote attacker to escalate privileges via a crafted URL Vulnerabilidad de falsificación de solicitudes entre sitios en Spina CMS v.2.18.0 y anteriores permite a un atacante remoto escalar privilegios a través de una URL manipulada • https://github.com/topsky979/Security-Collections/tree/main/CVE-2024-41602 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. • https://www.dell.com/support/kbdoc/en-us/000227051/dsa-2024-239-security-update-dell-ecs-3-8-1-1-for-multiple-security-vulnerabilities • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Local privilege escalation due to OS command injection vulnerability. • https://security-advisory.acronis.com/advisories/SEC-7035 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0

An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpujul2024.html •