8456 results (0.012 seconds)

CVSS: 8.4EPSS: %CPEs: 4EXPL: 0

08 Jul 2025 — An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation. • https://certvde.com/de/advisories/VDE-2025-019 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8EPSS: %CPEs: 4EXPL: 0

08 Jul 2025 — A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root. • https://certvde.com/de/advisories/VDE-2025-014 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: %CPEs: 4EXPL: 0

08 Jul 2025 — A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation. • https://certvde.com/de/advisories/VDE-2025-014 • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: %CPEs: 1EXPL: 0

08 Jul 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: %CPEs: -EXPL: 0

08 Jul 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: %CPEs: -EXPL: 0

08 Jul 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: %CPEs: -EXPL: 0

08 Jul 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: %CPEs: 1EXPL: 0

08 Jul 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-122: Heap-based Buffer Overflow •

CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0

07 Jul 2025 — An attacker with local access to the system or the application's installation directory could extract these credentials, potentially leading to a complete compromise of the application's administrative functions. ... An attacker with local access to the system or the application's installation directory could extract these credentials, potentially leading to a complete compromise of the application's administrative functions. • https://cert.pl/en/posts/2025/07/CVE-2025-3920 • CWE-259: Use of Hard-coded Password •

CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0

07 Jul 2025 — This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Client. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a target user. •