Lucene search
K

53 matches found

NVD
NVD
added 2018/06/14 12:29 p.m.16 views

CVE-2018-8219

An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

8.8CVSS8.9AI score0.01085EPSS
Exploits0References3
OSV
OSV
added 2018/03/28 10:29 p.m.4 views

CVE-2018-0152

A vulnerability in the web-based user interface web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability exists because the affected software does not reset the privilege level for each web UI session. An...

8.8CVSS5.8AI score0.03319EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2018/03/28 5:35 p.m.51 views

Cisco Patches Two Critical RCE Bugs in IOS XE Software

Three critical vulnerabilities were patched by Cisco Systems on Wednesday, each tied to the company’s widely used internetworking operating system IOS XE. Two of the bugs are remote code execution vulnerabilities that could allow an attacker to take control over affected systems. The critical bug...

10CVSS2.5AI score0.9951EPSS
Exploits2References5
NVD
NVD
added 2017/12/21 5:29 p.m.24 views

CVE-2017-6167

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected...

8.5CVSS7.6AI score0.01062EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/12/21 5:0 p.m.30 views

CVE-2017-6167

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected...

7.6AI score0.01062EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2017/06/13 7:0 a.m.53 views

Hypervisor code integrity elevation of privilege vulnerability: June 13, 2017

Hypervisor code integrity elevation of privilege vulnerability: June 13, 2017 Summary An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels. An attacker who successfully exploited this vulnerability could gain elevated...

7.8CVSS8.1AI score0.01097EPSS
Exploits0
exploitpack
exploitpack
added 2017/03/08 12:0 a.m.42 views

Navetti PricePoint 4.6.0.0 - SQL Injection Cross-Site Scripting Cross-Site Request Forgery

Navetti PricePoint 4.6.0.0 - SQL Injection Cross-Site Scripting Cross-Site Request Forgery ======================================================================= title: Multiple vulnerabilities product: Navetti PricePoint vulnerable version: 4.6.0.0 fixed version: 4.7.0.0 or higher CVE number: -...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2014/03/26 11:14 a.m.7 views

GUI Bugs Expose Information Disclosure, Privilege Escalation

Developers are creating countless information disclosure and privilege escalation vulnerabilities by misusing elements of various graphical user interfaces as a mechanisms for access control, according to a new research paper from the Northeastern University College of Computer and Information...

Exploits0
Packet Storm
Packet Storm
added 2012/05/12 12:0 a.m.37 views

NEC Backdoor Administrative Account

H! NEC Corp. has a product line of high perfomance servers - http://www.nec.com.sg/index.php?q=products/enterprise-servers In the documentations it is said that there is two user privilege levels: 1. Common user - who can monitor the system status 2. Admin user - for configuring system hardware b...

0.4AI score
Exploits0
Ubuntu
Ubuntu
added 2006/08/16 4:47 p.m.82 views

USN-334-1: krb5 vulnerabilities

Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid to fail via resource starvation. In that situation, the tools wil...

7.2CVSS8AI score0.00512EPSS
Exploits0
NVD
NVD
added 2006/07/18 3:37 p.m.13 views

CVE-2006-3595

The default configuration of IOS HTTP server in Cisco Router Web Setup CRWS before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190...

7.5CVSS6.8AI score0.0421EPSS
Exploits0References9
securityvulns
securityvulns
added 2002/12/11 12:0 a.m.57 views

[NEWS] Directory Traversal Vulnerabilities in FTP Clients

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion Beyond Security would like to welcome Tiscali World Online to our service provider team. For more info on their service offering IP-Secure,...

5CVSS6.1AI score0.04249EPSS
Exploits0
exploitpack
exploitpack
added 1999/12/10 12:0 a.m.14 views

Microsoft Windows 9598NT 4.0 - Help File Backdoor

Microsoft Windows 9598NT 4.0 - Help File Backdoor source: https://www.securityfocus.com/bid/868/info The help files for the Windows Help system .cnt, .hlp can be edited so that they run an arbitrary executable when selected by a user. The executable will run at the privelege level of the user. Th...

7.4AI score
Exploits0
Rows per page
Query Builder