Page 90 of 3547 results (0.227 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool component. • https://www.clamxav.com/version-history • CWE-250: Execution with Unnecessary Privileges

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

Microsoft Install Service Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 6.0EPSS: 0%CPEs: -EXPL: 1

Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php Vulnerabilidad de Cross Site Request Forgery en GNU Savane v.3.12 y anteriores permite a un atacante remoto escalar privilegios a través de siteadmin/usergroup.php • https://github.com/ally-petitt/CVE-2024-27631 https://git.savannah.nongnu.org/cgit/administration/savane.git/commit/?h=i18n&id=d3962d3feb75467489b869204db98e2dffaaaf09 https://medium.com/%40allypetitt/how-i-found-3-cves-in-2-days-8a135eb924d3 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: -EPSS: 0%CPEs: -EXPL: 1

An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function. • https://github.com/ally-petitt/CVE-2024-27632 https://medium.com/%40allypetitt/how-i-found-3-cves-in-2-days-8a135eb924d3 • CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote attackers to escalate privileges and obtain sensitive information. • https://gist.github.com/tr4pmaker/44442d6f068458175213f4ba71da1312 • CWE-259: Use of Hard-coded Password •