Page 52 of 3547 results (0.108 seconds)

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

CVE-2024-31912 – IBM MQ privilege escalation

https://notcve.org/view.php?id=CVE-2024-31912

IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. • https://exchange.xforce.ibmcloud.com/vulnerabilities/289894 https://www.ibm.com/support/pages/node/7158072 • CWE-266: Incorrect Privilege Assignment •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-4395 – Lack of Client Validation in Jamf Compliance Editor's Helper Service May Result in Privilege Escalation

https://notcve.org/view.php?id=CVE-2024-4395

The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege escalation. • https://github.com/Jamf-Concepts/jamf-compliance-editor/raw/v1.3.1/Jamf%20Compliance%20Editor%20-%20User%20Guide.pdf https://github.com/Jamf-Concepts/jamf-compliance-editor/releases/download/v1.3.1/JamfComplianceEditor.v1.3.1.pkg https://khronokernel.com/macos/2024/05/01/CVE-2024-4395.html https://trusted.jamf.com/docs/establishing-compliance-baselines#support • CWE-269: Improper Privilege Management •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-38370 – IBM Security Access Manager Docker information disclosure

https://notcve.org/view.php?id=CVE-2023-38370

IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261197 https://www.ibm.com/support/pages/node/7158790 • CWE-276: Incorrect Default Permissions •

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-38368 – IBM Security Access Manager Docker information disclosure

https://notcve.org/view.php?id=CVE-2023-38368

IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261195 https://www.ibm.com/support/pages/node/7158790 • CWE-276: Incorrect Default Permissions CWE-863: Incorrect Authorization •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-30997 – IBM Security Access Manager Docker privilege escalation

https://notcve.org/view.php?id=CVE-2023-30997

IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254638 https://www.ibm.com/support/pages/node/7158790 • CWE-250: Execution with Unnecessary Privileges