Page 55 of 3547 results (0.068 seconds)

CVSS: 7.3EPSS: 0%CPEs: 13EXPL: 0

Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine. This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://support.eset.com/ca8674 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. ... This vulnerability allows local attackers to escalate privileges on affected installations of Synology BC500 cameras. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://www.synology.com/en-global/security/advisory/Synology_SA_23_15 • CWE-290: Authentication Bypass by Spoofing •

CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0

Insecure permissions in kruise v1.6.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. • https://gist.github.com/HouqiyuA/43488e1d41110a5610146b87b2e88a02 • CWE-281: Improper Preservation of Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227 https://www.zerodayinitiative.com/advisories/ZDI-24-819 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Windscribe Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://github.com/Windscribe/Desktop-App/blob/90a5cc3c1f50f6545f83969c2ace6b4ac2c91c4e/client/common/changelog.txt#L23 https://www.zerodayinitiative.com/advisories/ZDI-24-820 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •