Lucene search
+L

121 matches found

nvd
nvd
added 2020/09/17 9:15 p.m.15 views

CVE-2020-0275

In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. This could lead to local escalation of privilege, with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS0.00163EPSS
Exploits0References1
nvd
nvd
added 2020/09/15 2:15 p.m.16 views

CVE-2020-23451

Spiceworks Version = 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function...

8.8CVSS0.00588EPSS
Exploits1References1
cvelist
cvelist
added 2020/09/15 1:15 p.m.27 views

CVE-2020-23451

Spiceworks Version = 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function...

8.9AI score0.00588EPSS
Exploits1References1
nessus
nessus
added 2020/09/11 12:0 a.m.40 views

openSUSE Security Update : MozillaFirefox (openSUSE-2020-1391)

This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.2.0 ESR - Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 - CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Servic...

9.3CVSS7.6AI score0.02716EPSS
Exploits0References6
ubuntucve
ubuntucve
added 2020/08/21 7:15 p.m.52 views

CVE-2020-14201

Dolibarr CRM before 11.0.5 allows privilege escalation. This could allow remote authenticated attackers to upload arbitrary files via societe/document.php in which "disabled" is changed to "enabled" in the HTML source code...

6.5CVSS6.7AI score0.01629EPSS
Exploits1References3
veracode
veracode
added 2020/06/24 5:7 a.m.26 views

Privilege Escalation

openstack keystone is vulnerable to privilege escalation. The library does not properly enforce the role parameters associated to an OAuth1 access token. A keystone token containing every role assignment is assigned to a low-privileged user, granting the user more access than required...

8.8CVSS5.8AI score0.01896EPSS
Exploits0References8Affected Software3
ubuntucve
ubuntucve
added 2020/04/30 5:15 p.m.28 views

CVE-2020-12050

SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library...

7CVSS7.1AI score0.00308EPSS
Exploits0References5
exploitdb
exploitdb
added 2020/02/05 12:0 a.m.189 views

xglance-bin 11.00 - Privilege Escalation

Exploit Title: xglance-bin 11.00 - Privilege Escalation Exploit Author: Robert Jaroszuk and Marco Ortisi RedTimmy Security Date: 2020-02-01 Tested on: RHEL 5.x/6.x/7.x/8.x CVE: CVE-2014-2630 Disclamer: This exploit is for educational purpose only More details on...

4.4CVSS6.4AI score0.0708EPSS
Exploits9
exploitdb
exploitdb
added 2019/11/12 12:0 a.m.117 views

eMerge E3 1.00-06 - Privilege Escalation

Exploit Title: eMerge E3 1.00-06 - Privilege Escalation Google Dork: NA Date: 2018-09-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version: 1.00-06 Tested on: NA CVE : CVE-2019-7254,...

8.8CVSS8.4AI score0.82036EPSS
Exploits10
cve
cve
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9350

CVE-2019-9350 corresponds to an Elevation of Privilege in Android 10 Keymaster, caused by a use-after-free in a component handling crypto operations. This vulnerability could allow a local attacker to escalate privileges without additional execution privileges or user interaction, as described ac...

7.8CVSS8.1AI score0.00156EPSS
Exploits0References1Affected Software1
zdt
zdt
added 2019/09/26 12:0 a.m.71 views

ABRT - sosreport Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges on RHEL systems with a vulnerable version of Automatic Bug Reporting Tool ABRT configured as the crash handler. sosreport uses an insecure temporary directory, allowing local users to write to arbitrary files CVE-2015-5287. This module has...

6.9CVSS0.03268EPSS
Exploits17
fedora
fedora
added 2019/09/04 4:7 a.m.27 views

[SECURITY] Fedora 29 Update: python-mitogen-0.2.8-1.fc29

Mitogen is a Python library for writing distributed self-replicating progra ms. There is no requirement for installing packages, copying files around, writ ing shell snippets, upfront configuration, or providing any secondary link to a remote machine aside from an SSH connection. Due to its origi...

9.8CVSS1.2AI score0.01632EPSS
Exploits0
kitploit
kitploit
added 2019/07/17 1:11 p.m.256 views

RedGhost v2.0 - Linux Post Exploitation Framework Designed To Assist Red Teams In Gaining Persistence, Reconnaissance And Leaving No Trace

Linux post exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace. Payloads Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl SudoInject Function to inject sudo command with wrapper...

8.1AI score
Exploits0References1
kitploit
kitploit
added 2019/03/29 12:12 p.m.278 views

WinPwn - Automation For Internal Windows Penetrationtest

In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. For this reason I wrote my own script with automatic proxy recognition and integration. The script is mostly based on well-known large other offensi...

7.4AI score
Exploits0References14
nvd
nvd
added 2019/03/21 4:1 p.m.19 views

CVE-2019-9893

libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators LT, GT, LE, GE, which might able to lead to bypassing seccomp filters and potential privilege escalations...

9.8CVSS9.5AI score0.03041EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2019/03/21 12:0 a.m.24 views

CVE-2019-9893

libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators LT, GT, LE, GE, which might able to lead to bypassing seccomp filters and potential privilege escalations...

9.8CVSS6.8AI score0.03041EPSS
Exploits0References5
openvas
openvas
added 2019/02/15 12:0 a.m.30 views

openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2019:0182-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS8.4AI score0.12658EPSS
Exploits1References2
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.66 views

Dokany 1.2.0.1000 - Stack-Based Buffer Overflow Privilege Escalation

Dokany 1.2.0.1000 - Stack-Based Buffer Overflow Privilege Escalation / Exploit Title - Dokany Stack-based Buffer Overflow Privilege Escalation Date - 14th January 2019 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://dokan-dev.github.io Tested Version - 1.2.0.1000 Driver Version -...

7.2CVSS1AI score0.01594EPSS
Exploits5
hackerone
hackerone
added 2018/12/30 5:48 a.m.21 views

Keybase: Privilege Escalation through Keybase Installer via Helper

Keybase.app is bundled with the components installer named KeybaseInstaller.app. When --install-app-bundle --source-path --app-path is given to installer, KBAppBundle.m checks if is properly codesigned, then copies it to . First, there's two vulnerabilities in the source path validation: the chec...

Exploits0
exploitpack
exploitpack
added 2018/11/30 12:0 a.m.75 views

xorg-x11-server 1.20.3 - modulepath Local Privilege Escalation

xorg-x11-server 1.20.3 - modulepath Local Privilege Escalation !/bin/sh raptorxorgy - xorg-x11-server LPE via modulepath switch Copyright c 2018 Marco Ivaldi A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X...

7.2CVSS0.2AI score0.2704EPSS
Exploits40
Rows per page
Query Builder