Page 69 of 3053 results (0.100 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://kb.netgear.com/000066164/Security-Advisory-for-Multiple-Vulnerabilities-on-the-NMS300-PSV-2024-0003-PSV-2024-0004 https://www.zerodayinitiative.com/advisories/ZDI-24-496 • CWE-1392: Use of Default Credentials •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-491 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

An issue in MarvinTest Solutions Hardware Access Driver v.5.0.3.0 and before and fixed in v.5.0.4.0 allows a local attacker to escalate privileges via the Hw65.sys component. • https://northwave-cybersecurity.com/vulnerability-notice-hardware-access-driver-marvintest-solutions • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local attacker to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component. • https://www.terabyteunlimited.com/image-for-windows • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session. • https://github.com/Syslifters/sysreptor/releases/tag/2024.40 https://github.com/Syslifters/sysreptor/security/advisories/GHSA-2vfc-3h43-vghh • CWE-352: Cross-Site Request Forgery (CSRF) •