27 matches found
CVE-2025-2183
An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root...
Palo Alto Networks GlobalProtect 安全漏洞
Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides features such as firewall monitoring and threat prevention. A security vulnerability exists in Palo Alto Networks GlobalProtect, which stems from an improper assignment o...
Palo Alto Networks GlobalProtect app 安全漏洞
Palo Alto Networks GlobalProtect app is a network protection software from Palo Alto Networks. A security vulnerability exists in the Palo Alto Networks GlobalProtect app, which stems from an improperly assigned privilege that could result in a locally authenticated non-administrative user...
CVE-2025-0131
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However,...
CVE-2024-5921
An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root...
open-vm-tools: local root privilege escalation in the virtual machine
A flaw was found in open-vm-tools. A malicious actor with local non-administrative access to the guest operating system can escalate privileges as a root user in the virtual machine...
CVE-2017-12699
An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. Local, non-administrative users may be able to replace or modify original application files with malicious ones...