Page 95 of 5089 results (0.158 seconds)

CVSS: 8.8EPSS: %CPEs: -EXPL: 0

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session. • https://github.com/Syslifters/sysreptor/releases/tag/2024.40 https://github.com/Syslifters/sysreptor/security/advisories/GHSA-2vfc-3h43-vghh • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. • https://git.kernel.org/stable/c/09f7520048eaaee9709091cd2787966f807da7c5 https://git.kernel.org/stable/c/5cf4f52e6d8aa2d3b7728f568abbf9d42a3af252 https://git.kernel.org/stable/c/65938e81df2197203bda4b9a0c477e7987218d66 https://git.kernel.org/stable/c/5fd8e2359498043e0b5329a05f02d10a9eb91eb9 https://git.kernel.org/stable/c/561e4f9451d65fc2f7eef564e0064373e3019793 https://access.redhat.com/security/cve/CVE-2024-35880 https://bugzilla.redhat.com/show_bug.cgi?id=2281713 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. • https://www.tenable.com/security/tns-2024-09 • CWE-281: Improper Preservation of Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. • https://www.tenable.com/security/tns-2024-08 • CWE-281: Improper Preservation of Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-469 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •