485 matches found
PT-2025-1012 · Sonicwall · Gen7 Sonicos Cloud Platform Nsv
Name of the Vulnerable Software and Affected Versions: Gen7 SonicOS Cloud platform NSv affected versions not specified Description: The issue is related to insecure privilege management in the configuration function of the SSH cloud platform. It allows a remote authenticated attacker with low...
The vulnerability of the EVGA Precision X1 system’s software relates to the unsafe use of privileges, allowing a violator to increase their privileges.
The vulnerability of the EVGA Precision X1 system’s software relates to insecure handling of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to “NT AUTHORITY\SYSTEM” by associating \Device\PhysicalMemory with the calling process...
The vulnerability of Imagination Technologies’ component in the Android operating system allows a hacker to increase their privileges and gain full access to the device.
The vulnerability of Imagination Technologies’ Android operating system component relates to insecure privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges and gain full access to the device...
The vulnerability of the Microsoft Partner Center software lies in the insecure management of privileges, allowing attackers to escalate their privileges.
The vulnerability of the Microsoft Partner Center cloud platform is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...
Ivanti Workspace Control 安全漏洞
Ivanti Workspace Control is a desktop management solution from Ivanti. Ivanti Workspace Control suffers from an elevation of privilege vulnerability that originates from an insecure privilege setting. An attacker can exploit the vulnerability to elevate privileges...
Silicon Labs Z-Wave 700和Silicon Labs Z-Wave 800 安全漏洞
Silicon Labs Z-Wave 700 SiLabs Z-Wave 800 and Silicon Labs Z-Wave 800 SiLabs Z-Wave 800 are a series of chips from Silicon Labs, Inc. in the United States. A security vulnerability exists in Silicon Labs Z-Wave 700 and Silicon Labs Z-Wave 800 version v7.21.1, which stems from insecure privilege...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of an insecure privilege vulnerability. An attacker exploiting this vulnerability could execute arbitrary code via the dynparamhandler component...
The vulnerability of the khugepaged component in the Linux operating system’s kernel allows a hacker to read and manipulate data.
The vulnerability of the khugepaged component in the Linux operating system’s kernel is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to read and manipulate data...
The vulnerability of the Session Recording component of software for virtualization and application delivery in Citrix Virtual Apps and Desktops (formerly XenApp and XenDesktop) allows a attacker to execute arbitrary code.
The vulnerability of the Session Recording component of the software for virtualizing and delivering Citrix Virtual Apps and Desktops formerly XenApp and XenDesktop is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to elevate their privileges and...
CVE-2024-9500 Autodesk ADP Desktop SDK Privilege Escalation Vulnerability
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...
The software for configuring, monitoring, and controlling industrial equipment, Easergy Studio, has vulnerabilities related to insecure management of privileges. This allows attackers to escalate their privileges.
The vulnerability of the Easergy Studio software for configuring, monitoring, and controlling industrial equipment is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges by modifying binary data...
The vulnerability of the ManageEngine Endpoint Central MSP, a software solution for remote monitoring and management of desktop PCs, servers, laptops, and mobile devices, stems from insecure privilege management. This allows attackers to delete any files they desire.
The vulnerability of the ManageEngine Endpoint Central MSP, a software solution for remote monitoring and management of desktop PCs, servers, laptops, and mobile devices, lies in the insecure management of privileges. Exploiting this vulnerability could allow an attacker to delete any files they...
The vulnerability of the Android Framework component of the Android operating system allows attackers to elevate their privileges and gain unauthorized access to directories such as Android/data, Android/obb, and Android/sandbox.
The vulnerability of the Android Framework component of the Android operating system is related to insecure management of privileges. Exploiting this vulnerability allows a remote attacker to enhance their privileges and gain unauthorized access to directories such as Android/data, Android/obb, a...
The vulnerability of the Guest Agent Service emulation software for hardware infrastructure provided by QEMU allows a hacker to elevate their privileges within the system.
The vulnerability of the Guest Agent Service emulation software for hardware devices based on QEMU is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges within the system...
The vulnerability of the application software interface of the operating system PAN-OS allows a perpetrator to enhance their privileges.
The vulnerability of the application programming interface of the PAN-OS operating system is related to insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system allows a hacker to increase their privileges.
The vulnerability of the Ultimate Membership Pro plugin of the WordPress content management system is related to insecure management of privileges. Exploiting this vulnerability can allow a hacker to increase their privileges...
The vulnerability of the RunJar.run() function on the distributed development and execution platform for Apache Hadoop allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the RunJar.run function on the distributed development and execution platform for Apache Hadoop is related to insecure privilege management. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerabilities in the software for creating and managing graphical user interfaces on Rockwell Automation’s 2800C OptixPanel Compact, 2800S OptixPanel Standard, and Embedded Edge Compute Module – the computing module for supporting production automation software infrastructure – allow attackers to obtain user credentials and enhance their privileges.
The vulnerability of software tools for creating and managing graphical user interfaces on Rockwell Automation’s 2800C OptixPanel Compact, 2800S OptixPanel Standard, and Embedded Edge Compute Module devices relates to insecure privilege management. Exploiting this vulnerability can allow an...
The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization, related to insecure privilege management, allows a intruder to gain unauthorized access to arbitrary functions.
The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to gain unauthorized access to arbitrary functions...
PT-2024-6522 · Rockwell Automation · Rockwell Automation Pavilion8
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Pavilion8 affected versions not specified Description: The issue is related to insecure privilege management, allowing a threat actor to view sensitive information and change settings due to an incorrect privilege matrix...