CVE-2023-37400 – IBM Aspera Faspex privilege escalation
https://notcve.org/view.php?id=CVE-2023-37400
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. • https://exchange.xforce.ibmcloud.com/vulnerabilities/259677 https://www.ibm.com/support/pages/node/7148631 • CWE-522: Insufficiently Protected Credentials
CVE-2024-22186 – Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking
https://notcve.org/view.php?id=CVE-2024-22186
An attacker logged in as guest can escalate his privileges by poisoning the cookie to become administrator. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02 • CWE-565: Reliance on Cookies without Validation and Integrity Checking
CVE-2024-24910 – Local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server via crafted DLL file
https://notcve.org/view.php?id=CVE-2024-24910
A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. • https://support.checkpoint.com/results/sk/sk182219 • CWE-732: Incorrect Permission Assignment for Critical Resource
CVE-2024-26907 – RDMA/mlx5: Fix fortify source warning while accessing Eth segment
https://notcve.org/view.php?id=CVE-2024-26907
Certain scenarios could lead to a use-after-free issue, potentially allowing an attacker to escalate their privileges or affect system integrity or stability. • https://git.kernel.org/stable/c/d27c48dc309da72c3b46351a1205d89687272baa https://git.kernel.org/stable/c/60ba938a8bc8c90e724c75f98e932f9fb7ae1b9d https://git.kernel.org/stable/c/cad82f1671e41094acd3b9a60cd27d67a3c64a21 https://git.kernel.org/stable/c/9a624a5f95733bac4648ecadb320ca83aa9c08fd https://git.kernel.org/stable/c/185fa07000e0a81d54cf8c05414cebff14469a5c https://git.kernel.org/stable/c/4d5e86a56615cc387d21c629f9af8fb0e958d350 https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://access.redhat.com/security/cve/CVE-2024 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') CWE-416: Use After Free
CVE-2024-21121 – Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-21121
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • https://www.oracle.com/security-alerts/cpuapr2024.html