Page 63 of 3547 results (0.028 seconds)

CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0

If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. • https://access.redhat.com/security/cve/CVE-2024-5742 https://bugzilla.redhat.com/show_bug.cgi?id=2278574 https://lists.debian.org/debian-lts-announce/2024/06/msg00006.html https://access.redhat.com/errata/RHSA-2024:6986 https://access.redhat.com/errata/RHSA-2024:9430 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate privileges to Administrator via a crafted POST request. • https://github.com/648540858/wvp-GB28181-pro https://github.com/guipi01/WVP-GB28181 • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0

Microsoft Streaming Service Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del servicio de transmisión de Microsoft This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30089 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 5

Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://github.com/exploits-forsale/collateral-damage https://github.com/tykawaii98/CVE-2024-30088 https://github.com/Zombie-Kaiser/CVE-2024-30088-Windows-poc https://github.com/Admin9961/CVE-2024-30088 https://github.com/NextGenPentesters/CVE-2024-30088- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30088 - • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0

Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30087 • CWE-20: Improper Input Validation •