Page 52 of 5009 results (0.326 seconds)

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

Due to missing authorization checks, SAP Enable Now allows an author to escalate privileges to access information which should otherwise be restricted. • https://me.sap.com/notes/3476348 https://url.sap/sapsecuritypatchday • CWE-862: Missing Authorization •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileged. Una vulnerabilidad de escalada de privilegios local en el cliente WatchGuard Mobile VPN con SSL en Windows permite a un usuario local ejecutar comandos arbitrarios con privilegios elevados. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00010 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

This could allow an authenticated local attacker to escalate privileges. ... Esto podría permitir que un atacante local autenticado escale privilegios. • https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-501799 • CWE-282: Improper Ownership Management •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component. • https://blog.be-hacktive.com/eskooly-cve/cve-2024-27713-protection-mechanism-failure-in-eskooly-web-product-less-than-v3.0 • CWE-693: Protection Mechanism Failure •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request. • https://github.com/b1ackc4t/14Finger/issues/12 • CWE-278: Insecure Preserved Inherited Permissions •