Lucene search
K

832 matches found

Prion
Prion
added 2019/06/18 2:15 p.m.13 views

Design/Logic Flaw

A vulnerability in the exacqVision Enterprise System Manager ESM v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system. This issue does not...

6.9CVSS6.9AI score0.00735EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/06/18 1:23 p.m.19 views

CVE-2019-7588 exacqVision Enterprise System Manager (ESM) privilege escalation

A vulnerability in the exacqVision Enterprise System Manager ESM v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system. This issue does not...

6.7CVSS7AI score0.00735EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2019/03/22 9:28 p.m.228 views

Firefox and Edge Fall to Hackers on Day Two of Pwn2Own

Hackers took down the Mozilla Firefox and Microsoft Edge browsers on Thursday at Pwn2Own, the annual hacking conference held in tandem with CanSecWest, as the competition continued for a second day. The dynamic hacking duo of Amat Cama and Richard Zhu, which make up team Fluoroacetate, had anothe...

1.2AI score
Exploits0References9
Exploit DB
Exploit DB
added 2019/02/19 12:0 a.m.83 views

MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation

Exploit Title: MaxxAudio Drivers WavesSysSvc64.exe File Permissions SYSTEM Privilege Escalation Google Dork: Date: 2/18/2019 Exploit Author: Mike Siegel @mlsiegel Vendor Homepage: https://maxx.com Software Link: Version: 1.6.2.0 May affect other versions Tested on: Win 10 64 bit CVE :...

7.8CVSS7.9AI score0.00935EPSS
Exploits3
OSV
OSV
added 2019/02/18 7:29 p.m.4 views

CVE-2019-8917

SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method ma...

9.8CVSS7.9AI score0.36448EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2019/02/15 12:0 a.m.39 views

exacqVision ESM 5.12.2 Privilege Escalation

Exploit Title: exacqVision ESM 5.12.2 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Date: 2019-02-13 Vulnerable Software: http://cdnpublic.exacq.com/5.12/exacqVisionEnterpriseSystemManager5.12.2.150128x86.exe Vendor Homepage: https://www.exacq.com Version: 5.12.2.150128 Tested Window...

0.5AI score
Exploits0
NVD
NVD
added 2018/12/12 12:29 a.m.15 views

CVE-2018-10143

The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application...

10CVSS9.6AI score0.24848EPSS
Exploits1References3
Prion
Prion
added 2018/12/12 12:29 a.m.20 views

Design/Logic Flaw

The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application...

10CVSS9.5AI score0.24848EPSS
Exploits1References3Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2018/12/11 9:35 p.m.45 views

Remote Code Execution in Expedition Migration Tool

A remote code execution vulnerability exists in the Palo Alto Networks Migration Tool “Expedition”. Ref MT-794/ CVE-2018-10143 Successful exploitation of this issue may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application...

1AI score0.24848EPSS
Exploits1References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2018/12/11 9:35 p.m.9 views

Remote Code Execution in Expedition Migration Tool

A remote code execution vulnerability exists in the Palo Alto Networks Migration Tool “Expedition”. Ref MT-794/ CVE-2018-10143 Successful exploitation of this issue may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application...

9.8CVSS8.1AI score0.24848EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2018/11/26 12:0 a.m.52 views

ELBA5 5.8.0 - Remote Code Execution

Exploit Title: ELBA5 5.8.0 - Remote Code Execution Date: 2018-11-16 Exploit Author: Florian Bogner Vendor Homepage: https://www.elba.at Vulnerable Software: https://www.elba.at/eBusiness/01template1/1206507788612244132-12065155957890496571206515641959948315-1292519691128454196-NA-38-NA.html...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2018/11/26 12:0 a.m.117 views

SolarWinds DameWare Mini Remote Control < 12.0.3 Buffer Overflow Vulnerability

SolarWinds DameWare Mini Remote Control is prone to a local buffer overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

10CVSS9.7AI score0.51215EPSS
Exploits4References1
OSV
OSV
added 2018/10/23 8:29 p.m.6 views

CVE-2018-14828

Advantech WebAccess 8.3.1 and earlier has an improper privilege management vulnerability, which may allow an attacker to access those files and perform actions at a system administrator level...

7.8CVSS5.8AI score0.00407EPSS
Exploits0References3
Prion
Prion
added 2018/10/05 2:29 p.m.11 views

Input validation

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of...

9CVSS8.9AI score0.04029EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/10/05 2:0 p.m.17 views

CVE-2018-0431 Cisco Integrated Management Controller Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of...

9.1AI score0.04029EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/02 12:0 a.m.787 views

AXIS Multiple Vulnerabilities (ACV-128401)

The firmware version running on the remote host is vulnerable to multiple vulnerabilities. An unauthenticated remote attacker could gain system-level unauthorized access to the affected device. Note that Nessus has not tested for these issues but has instead relied only on the application's...

10CVSS8.1AI score0.86682EPSS
Exploits10References9
Cisco
Cisco
added 2018/08/15 4:0 p.m.44 views

Cisco Web Security Appliance Privilege Escalation Vulnerability

A vulnerability in the account management subsystem of Cisco Web Security Appliance WSA could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to improper implementation of access...

6.7CVSS2.8AI score0.00436EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2018/07/23 12:0 a.m.45 views

Splinterware System Scheduler Pro 5.12 - Privilege Escalation

Exploit Title: Splinterware System Scheduler Pro 5.12 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Date: 2018-07-21 Vulnerable Software: System Scheduler Pro 5.12 Vendor Homepage: https://www.splinterware.com Version: 5.12 Tested Windows 7 SP1 x86 CVE: N/A Description: Splinterware...

7.4AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2018/07/13 12:0 a.m.34 views

Microsoft Windows Child Window NULL Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.2CVSS3.5AI score0.01208EPSS
Exploits0References1
Prion
Prion
added 2018/07/09 6:29 p.m.13 views

Buffer overflow

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. By crafting an input buffer we can control the execution path to the point where the constant DWORD 0 will be written t...

7.2CVSS7.7AI score0.00614EPSS
Exploits2References3Affected Software3
Rows per page
Query Builder