Page 97 of 5095 results (0.182 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-469 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

Insecure Permissions vulnerability in VITEC AvediaServer (Model avsrv-m8105) 8.6.2-1 allows a remote attacker to escalate privileges via a crafted script. • https://vuln2you.blogspot.com/2024/05/avediaserver-unauthorised-api-access.html •

CVSS: 8.8EPSS: 0%CPEs: 25EXPL: 0

Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador del sistema de archivos de registro común de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30037 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID of a user that was deleted by an Admin. • https://github.com/javahuang/SurveyKing/issues/57 • CWE-613: Insufficient Session Expiration •

CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0

Because it is possible to tamper with the directory and DLL files used during the installation process, an attacker can escalate privileges through arbitrary code execution. • https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31954 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •