Page 84 of 5093 results (0.067 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to escalate privileges to root via overwriting the binary dnscrypt-proxy. • https://github.com/go-compile/security-advisories/blob/master/vulns/CVE-2024-36587.md • CWE-266: Incorrect Privilege Assignment •

CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of an administrator. •

CVSS: 5.2EPSS: 0%CPEs: 3EXPL: 0

A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit. Una vulnerabilidad de escalada de privilegios (PE) en el agente Cortex XDR de Palo Alto Networks en dispositivos Windows permite a un usuario local ejecutar programas con privilegios elevados. Sin embargo, la ejecución requiere que el usuario local aproveche con éxito una condición de ejecución, lo que hace que esta vulnerabilidad sea difícil de explotar. • https://security.paloaltonetworks.com/CVE-2024-5907 • CWE-269: Improper Privilege Management •

CVSS: 6.7EPSS: 0%CPEs: -EXPL: 0

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. • https://access.redhat.com/security/cve/CVE-2024-5742 https://bugzilla.redhat.com/show_bug.cgi?id=2278574 https://lists.debian.org/debian-lts-announce/2024/06/msg00006.html https://access.redhat.com/errata/RHSA-2024:6986 https://access.redhat.com/errata/RHSA-2024:9430 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate privileges to Administrator via a crafted POST request. • https://github.com/648540858/wvp-GB28181-pro https://github.com/guipi01/WVP-GB28181 • CWE-269: Improper Privilege Management •