Lucene search
K

543 matches found

NVD
NVD
added 2025/08/29 3:15 a.m.5 views

CVE-2025-58323

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks...

7.7CVSS0.00126EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/29 1:41 a.m.8 views

CVE-2025-58323

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks...

0.00126EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.7 views

PT-2025-35173

Name of the Vulnerable Software and Affected Versions: NAVER MYBOX Explorer for Windows versions prior to 3.0.8.133 Description: NAVER MYBOX Explorer for Windows is susceptible to a local privilege escalation issue. A local attacker can elevate privileges to NT AUTHORITYSYSTEM by executing...

7.7CVSS6.5AI score0.00126EPSS
Exploits0References6
NVD
NVD
added 2025/08/28 8:15 a.m.7 views

CVE-2025-58322

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks...

7.8CVSS0.00111EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/28 8:2 a.m.8 views

CVE-2025-58322

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks...

0.00111EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.8 views

PT-2025-34971

Name of the Vulnerable Software and Affected Versions: NAVER MYBOX Explorer for Windows versions prior to 3.0.8.133 Description: NAVER MYBOX Explorer for Windows is susceptible to local privilege escalation. A local attacker can execute arbitrary commands and escalate privileges to NT...

7.8CVSS6.9AI score0.00111EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/08/24 12:13 a.m.6 views

CVE-2025-55627

Insufficient privilege verification in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 allows authenticated attackers to create accounts with elevated privileges...

5.3CVSS7.2AI score0.00222EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/01 12:0 a.m.2 views

GLPI Privilege License and Access Control Issues Vulnerability (CNVD-2025-17791)

GLPI is a free asset and IT management software suite that provides ITIL service desk functionality, license tracking and software auditing. A security vulnerability exists in GLPI versions 9.1.0 through 10.0.18, which stems from a failure to perform privilege checks on specific resource deletion...

4.3CVSS6.9AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/30 12:0 a.m.3 views

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed for Mac computers by Apple, Inc. A security vulnerability exists in Apple macOS that stems from insufficient privilege checking and could lead to accessing sensitive user data. The following products and versions are affected: macOS Sonoma...

4CVSS6.1AI score0.00202EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/30 12:0 a.m.5 views

GLPI 安全漏洞

GLPI is a free asset and IT management software suite that provides ITIL service desk functionality, license tracking and software auditing. A security vulnerability exists in GLPI versions 9.1.0 through 10.0.18, which stems from a failure to perform privilege checks on specific resource deletion...

4.3CVSS6.8AI score0.00194EPSS
Exploits0References1
Gitee
Gitee
added 2025/07/27 4:59 a.m.86 views

OSCP

OSCP Hello world! This repo contain some of the scripts, exploits, and documents made during my OSCP journey. The list include but not limited to the following: LinuxPrivCheck.sh Yes, there are far better scripts out there, However this one has less output to go thru and it has colors. Think basi...

8.2AI score
Exploits0
CNNVD
CNNVD
added 2025/06/19 12:0 a.m.4 views

WordPress plugin GiveWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS6.4AI score0.00259EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/23 10:3 a.m.7 views

CVE-2024-20324

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and sho...

5.5CVSS6.9AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:40 a.m.6 views

CVE-2023-0328

The WPCode WordPress plugin before 2.0.7 does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication such as update and delete...

4.3CVSS6.1AI score0.00801EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.5 views

CVE-2023-0405

The GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training WordPress plugin before 1.4.38 does not perform any kind of nonce or privilege checks before letting logged-in users modify arbitrary posts...

5.4CVSS5AI score0.00512EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:25 a.m.10 views

CVE-2023-3209

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

3.5CVSS6.8AI score0.00234EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:26 p.m.6 views

CVE-2022-4004

The Donation Button WordPress plugin through 4.0.0 does not properly check for privileges and nonce tokens in its "donationbuttontwiliosendtestsms" AJAX action, which may allow any users with an account on the affected site, like subscribers, to use the plugin's Twilio integration to send SMSes t...

4.3CVSS5AI score0.00486EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:12 p.m.6 views

CVE-2020-8145

The UniFi Video Server Windows web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLICGROUP or CUSTOMGROUP groups, can access these endpoints and overwrite the current...

6.5CVSS6.8AI score0.01121EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:55 a.m.13 views

CVE-2019-19802

In Gallagher Command Centre Server v8.10 prior to v8.10.1134MR4, v8.00 prior to v8.00.1161MR5, v7.90 prior to v7.90.991MR5, v7.80 prior to v7.80.960MR2 and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without...

6.5CVSS6.8AI score0.00752EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/07 12:0 a.m.6 views

Google Android elevation of privilege vulnerability (CNVD-2025-07522)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from the program's failure to perform privilege checks, and can be exploited by an attacker to gain privileges and elevate privileges without...

7.8CVSS7AI score0.00073EPSS
Exploits0References1
Rows per page
Query Builder