182 matches found
CVE-2023-35140
The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70ABTO.5 could allow an authenticated local user with read-only access to modify system settings on a vulnerable device...
CVE-2021-22015
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance...
DEBIAN-CVE-2025-20623
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Core™ processors 10th Generation may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2025-20079
Uncontrolled search path for some IntelR Advisor software may allow an authenticated user to potentially enable escalation of privilege via local access...
UBUNTU-CVE-2025-24495
Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2025-2159
Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...
CVE-2025-2159
Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...
SUSE CVE-2024-37020
Sequence of processor instructions leads to unexpected behavior in the IntelR DSA V1.0 for some IntelR XeonR Processors may allow an authenticated user to potentially enable denial of service via local access...
PT-2025-6660
Name of the Vulnerable Software and Affected Versions: IntelR Advisor versions prior to 2024.2 Description: The issue concerns an uncontrolled search path in some IntelR Advisor software, which may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-35028
A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands...
QVPN Device Client 代码问题漏洞
QNAP Systems QVPN Device Client is a client software from China Weilian Technology QNAP Systems that is used to manage connections to VPN servers running on QNAP devices. A code issue vulnerability exists in QVPN Device Client that stems from an insecure library loading vulnerability that allows ...
CVE-2024-36294
Insecure inherited permissions for some IntelR DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access...
intel-microcode: Race conditions in some Intel(R) Processors
A flaw was found in intel-microcode. The hardware logic contains race conditions in some IntelR processors that may allow an authenticated user to enable partial information disclosure via local access...
CVE-2024-39283
Incomplete filtering of special elements in IntelR TDX module software before version TDX1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2024-22184
Uncontrolled search path for some IntelR QuartusR Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access...
SUSE CVE-2023-22656
Out-of-bounds read in IntelR Media SDK and some IntelR oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2024-37081
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance...
CVE-2024-5523
SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could allow an authenticated local user to send a specially crafted SQL query to the 'searchString' parameter and retrieve all information stored in the database...
CVE-2024-5523 SQL injection vulnerability in Astrotalks
SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could allow an authenticated local user to send a specially crafted SQL query to the 'searchString' parameter and retrieve all information stored in the database...
CVE-2024-22026
A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance...