Lucene search
K

485 matches found

Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.2 views

PT-2025-1012 · Sonicwall · Gen7 Sonicos Cloud Platform Nsv

Name of the Vulnerable Software and Affected Versions: Gen7 SonicOS Cloud platform NSv affected versions not specified Description: The issue is related to insecure privilege management in the configuration function of the SSH cloud platform. It allows a remote authenticated attacker with low...

7.8CVSS9.3AI score0.00336EPSS
Exploits0References15
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.4 views

The vulnerability of the EVGA Precision X1 system’s software relates to the unsafe use of privileges, allowing a violator to increase their privileges.

The vulnerability of the EVGA Precision X1 system’s software relates to insecure handling of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to “NT AUTHORITY\SYSTEM” by associating \Device\PhysicalMemory with the calling process...

7.8CVSS7.5AI score0.00605EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.5 views

The vulnerability of Imagination Technologies’ component in the Android operating system allows a hacker to increase their privileges and gain full access to the device.

The vulnerability of Imagination Technologies’ Android operating system component relates to insecure privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges and gain full access to the device...

7.2CVSS5.5AI score0.00079EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.5 views

The vulnerability of the Microsoft Partner Center software lies in the insecure management of privileges, allowing attackers to escalate their privileges.

The vulnerability of the Microsoft Partner Center cloud platform is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

8.7CVSS8.1AI score0.01339EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/11 12:0 a.m.3 views

Ivanti Workspace Control 安全漏洞

Ivanti Workspace Control is a desktop management solution from Ivanti. Ivanti Workspace Control suffers from an elevation of privilege vulnerability that originates from an insecure privilege setting. An attacker can exploit the vulnerability to elevate privileges...

7.8CVSS7.1AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.3 views

Silicon Labs Z-Wave 700和Silicon Labs Z-Wave 800 安全漏洞

Silicon Labs Z-Wave 700 SiLabs Z-Wave 800 and Silicon Labs Z-Wave 800 SiLabs Z-Wave 800 are a series of chips from Silicon Labs, Inc. in the United States. A security vulnerability exists in Silicon Labs Z-Wave 700 and Silicon Labs Z-Wave 800 version v7.21.1, which stems from insecure privilege...

8.8CVSS6.8AI score0.0044EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.2 views

Nav2 安全漏洞

Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of an insecure privilege vulnerability. An attacker exploiting this vulnerability could execute arbitrary code via the dynparamhandler component...

9.8CVSS7.7AI score0.00677EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.5 views

The vulnerability of the khugepaged component in the Linux operating system’s kernel allows a hacker to read and manipulate data.

The vulnerability of the khugepaged component in the Linux operating system’s kernel is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to read and manipulate data...

4.4CVSS6.7AI score0.0021EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/11/22 12:0 a.m.5 views

The vulnerability of the Session Recording component of software for virtualization and application delivery in Citrix Virtual Apps and Desktops (formerly XenApp and XenDesktop) allows a attacker to execute arbitrary code.

The vulnerability of the Session Recording component of the software for virtualizing and delivering Citrix Virtual Apps and Desktops formerly XenApp and XenDesktop is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to elevate their privileges and...

5.5CVSS8.3AI score0.01399EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/11/15 9:24 p.m.66 views

CVE-2024-9500 Autodesk ADP Desktop SDK Privilege Escalation Vulnerability

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...

7.8CVSS0.00189EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.7 views

The software for configuring, monitoring, and controlling industrial equipment, Easergy Studio, has vulnerabilities related to insecure management of privileges. This allows attackers to escalate their privileges.

The vulnerability of the Easergy Studio software for configuring, monitoring, and controlling industrial equipment is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges by modifying binary data...

7.8CVSS5.5AI score0.00172EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.4 views

The vulnerability of the ManageEngine Endpoint Central MSP, a software solution for remote monitoring and management of desktop PCs, servers, laptops, and mobile devices, stems from insecure privilege management. This allows attackers to delete any files they desire.

The vulnerability of the ManageEngine Endpoint Central MSP, a software solution for remote monitoring and management of desktop PCs, servers, laptops, and mobile devices, lies in the insecure management of privileges. Exploiting this vulnerability could allow an attacker to delete any files they...

7CVSS5.5AI score0.00316EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.7 views

The vulnerability of the Android Framework component of the Android operating system allows attackers to elevate their privileges and gain unauthorized access to directories such as Android/data, Android/obb, and Android/sandbox.

The vulnerability of the Android Framework component of the Android operating system is related to insecure management of privileges. Exploiting this vulnerability allows a remote attacker to enhance their privileges and gain unauthorized access to directories such as Android/data, Android/obb, a...

10CVSS7.6AI score0.00714EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/05 12:0 a.m.4 views

The vulnerability of the Guest Agent Service emulation software for hardware infrastructure provided by QEMU allows a hacker to elevate their privileges within the system.

The vulnerability of the Guest Agent Service emulation software for hardware devices based on QEMU is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges within the system...

7.8CVSS6.8AI score0.00308EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/10/30 12:0 a.m.3 views

The vulnerability of the application software interface of the operating system PAN-OS allows a perpetrator to enhance their privileges.

The vulnerability of the application programming interface of the PAN-OS operating system is related to insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

6.5CVSS5.5AI score0.00282EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.5 views

The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system allows a hacker to increase their privileges.

The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system is related to insecure management of privileges. Exploiting this vulnerability can allow a hacker to increase their privileges...

10CVSS5.8AI score0.00549EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.4 views

The vulnerability of the RunJar.run() function on the distributed development and execution platform for Apache Hadoop allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the RunJar.run function on the distributed development and execution platform for Apache Hadoop is related to insecure privilege management. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

3.3CVSS5.7AI score0.00383EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/04 12:0 a.m.4 views

The vulnerabilities in the software for creating and managing graphical user interfaces on Rockwell Automation’s 2800C OptixPanel Compact, 2800S OptixPanel Standard, and Embedded Edge Compute Module – the computing module for supporting production automation software infrastructure – allow attackers to obtain user credentials and enhance their privileges.

The vulnerability of software tools for creating and managing graphical user interfaces on Rockwell Automation’s 2800C OptixPanel Compact, 2800S OptixPanel Standard, and Embedded Edge Compute Module devices relates to insecure privilege management. Exploiting this vulnerability can allow an...

9CVSS5.5AI score0.01284EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/02 12:0 a.m.6 views

The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization, related to insecure privilege management, allows a intruder to gain unauthorized access to arbitrary functions.

The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to gain unauthorized access to arbitrary functions...

8CVSS5.6AI score0.00452EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/11 12:0 a.m.3 views

PT-2024-6522 · Rockwell Automation · Rockwell Automation Pavilion8

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Pavilion8 affected versions not specified Description: The issue is related to insecure privilege management, allowing a threat actor to view sensitive information and change settings due to an incorrect privilege matrix...

9.1CVSS6.7AI score0.00452EPSS
Exploits0References8
Rows per page
Query Builder