Lucene search
K

416 matches found

bdu_fstec
bdu_fstec
added 2025/03/26 12:0 a.m.8 views

The vulnerability of the org.xwiki.platform:xwiki-platform-security-authorization-api component of the XWiki Platform, a platform for creating collaborative web applications. This vulnerability allows an attacker to gain unauthorized access to protected information.

The vulnerability of the org.xwiki.platform:xwiki-platform-security-authorization-api component of the XWiki Platform lies in the insecure management of privileges. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.4AI score0.00371EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2025/03/13 12:0 a.m.7 views

The vulnerability of the Splunk App for SOAR software lies in its insecure management of privileges, allowing attackers to elevate their privileges.

The vulnerability of the Splunk App for SOAR software relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

6.6CVSS5.4AI score0.00255EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2025/03/05 12:0 a.m.6 views

The vulnerability of the tool for configuring and managing Linux operating system’s iptables packet filtering rules stems from insecure privilege management, allowing a malicious actor to execute arbitrary bash commands.

The vulnerability of the tool for configuring and managing iptables packet filtering rules in Linux operating systems is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to execute arbitrary bash commands by adding comments to security rules fro...

7.8CVSS6AI score
Exploits0References2Affected Software3
redos
redos
added 2025/03/03 12:0 a.m.4 views

ROS-20250303-03

A vulnerability in the Linux operating system's dmidecode utility is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.1CVSS7.1AI score0.00523EPSS
Exploits1
bdu_fstec
bdu_fstec
added 2025/02/14 12:0 a.m.15 views

The vulnerability of the distributed database management system Apache Cassandra lies in its insecure handling of privileges, allowing attackers to elevate their own privileges.

The vulnerability of the distributed database management system Apache Cassandra lies in the insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS7.5AI score0.00964EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2025/02/11 12:0 a.m.8 views

The vulnerability of the VMware Aria Operations for Logs network log analysis tool, related to insecure privilege management, allows an attacker to perform certain operations in the context of the administrative user.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to perform certain operations from the perspective of a user administrating the system remotely...

4.3CVSS8AI score0.00317EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2025/02/11 12:0 a.m.8 views

The vulnerability of the VMware Aria Operations for Logs network log analysis tool arises due to the lack of security measures taken to protect the website structure. This allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor, operating remotely, to perform certain operations from the perspective of a user administrating the syst...

9CVSS8.1AI score0.00642EPSS
Exploits0References4Affected Software1
redhatcve
redhatcve
added 2025/02/05 4:27 a.m.12 views

CVE-2024-9500

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...

7.8CVSS7.2AI score0.00189EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2025/01/23 12:0 a.m.10 views

The vulnerability of the Microsoft AutoUpdate (MAU) application for Mac, which manages privileges in a non-safe manner, allows a malicious individual to escalate their privileges.

The vulnerability of the Microsoft AutoUpdate MAU for Mac application related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to escalate their privileges...

7.8CVSS7.7AI score0.0044EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/01/14 12:0 a.m.2 views

PT-2025-1059 · Microsoft · Windows Installer +1

Name of the Vulnerable Software and Affected Versions: Windows Installer affected versions not specified Description: The issue is related to insecure privilege management in the Windows Installer component of Windows operating systems. It allows an attacker to elevate their privileges to the lev...

7.8CVSS9.3AI score0.00538EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2025/01/14 12:0 a.m.3 views

PT-2025-1242 · Microsoft · Autoupdate (Mau) For Mac

Name of the Vulnerable Software and Affected Versions: Microsoft AutoUpdate MAU for Mac affected versions not specified Description: The issue is related to insecure privilege management in Microsoft AutoUpdate MAU for Mac, which can allow an attacker to elevate their privileges. Recommendations:...

7.8CVSS9.3AI score0.0044EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2025/01/14 12:0 a.m.14 views

The vulnerability in the web interface for managing Zyxel network devices allows a perpetrator to escalate their privileges.

The vulnerability of the web interface for managing Zyxel network devices involves insecure management of privileges. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the level of an administrator and upload configuration files...

9CVSS5.5AI score0.00516EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2025/01/13 12:0 a.m.6 views

The vulnerability of the VCM software, a security tool from Fortinet for Linux systems, relates to insecure privilege management. This vulnerability allows an attacker to elevate their privileges to the root level.

The vulnerability of the VCM software, a security tool from Fortinet’s FortiClient for Linux, is related to insecure management of privileges. Exploiting this vulnerability allows an attacker, operating remotely, to elevate their privileges to the root level...

8.8CVSS5.4AI score0.00227EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2025/01/07 12:0 a.m.3 views

PT-2025-1012 · Sonicwall · Gen7 Sonicos Cloud Platform Nsv

Name of the Vulnerable Software and Affected Versions: Gen7 SonicOS Cloud platform NSv affected versions not specified Description: The issue is related to insecure privilege management in the configuration function of the SSH cloud platform. It allows a remote authenticated attacker with low...

7.8CVSS9.3AI score0.00336EPSS
Exploits0References15
bdu_fstec
bdu_fstec
added 2024/12/16 12:0 a.m.6 views

The vulnerability of Imagination Technologies’ component in the Android operating system allows a hacker to increase their privileges and gain full access to the device.

The vulnerability of Imagination Technologies’ Android operating system component relates to insecure privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges and gain full access to the device...

7.2CVSS5.5AI score0.00079EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2024/12/12 12:0 a.m.7 views

The vulnerability of the Microsoft Partner Center software lies in the insecure management of privileges, allowing attackers to escalate their privileges.

The vulnerability of the Microsoft Partner Center cloud platform is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

8.7CVSS8.1AI score0.01339EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/12/10 12:0 a.m.6 views

Silicon Labs Z-Wave 700和Silicon Labs Z-Wave 800 安全漏洞

Silicon Labs Z-Wave 700 SiLabs Z-Wave 800 and Silicon Labs Z-Wave 800 SiLabs Z-Wave 800 are a series of chips from Silicon Labs, Inc. in the United States. A security vulnerability exists in Silicon Labs Z-Wave 700 and Silicon Labs Z-Wave 800 version v7.21.1, which stems from insecure privilege...

8.8CVSS6.8AI score0.00449EPSS
Exploits1References1
bdu_fstec
bdu_fstec
added 2024/12/03 12:0 a.m.19 views

The vulnerability of the khugepaged component in the Linux operating system’s kernel allows a hacker to read and manipulate data.

The vulnerability of the khugepaged component in the Linux operating system’s kernel is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to read and manipulate data...

4.4CVSS6.7AI score0.0021EPSS
Exploits0References10Affected Software5
bdu_fstec
bdu_fstec
added 2024/11/22 12:0 a.m.5 views

The vulnerability of the Session Recording component of software for virtualization and application delivery in Citrix Virtual Apps and Desktops (formerly XenApp and XenDesktop) allows a attacker to execute arbitrary code.

The vulnerability of the Session Recording component of the software for virtualizing and delivering Citrix Virtual Apps and Desktops formerly XenApp and XenDesktop is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to elevate their privileges and...

5.5CVSS8.3AI score0.01399EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2024/11/15 9:24 p.m.74 views

CVE-2024-9500 Autodesk ADP Desktop SDK Privilege Escalation Vulnerability

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...

7.8CVSS0.00189EPSS
Exploits0References1
Rows per page
Query Builder