Lucene search
K

258 matches found

Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.3 views

PT-2024-6558 · Grafana +1 · Grafana Agent +2

Name of the Vulnerable Software and Affected Versions: Grafana Alloy versions prior to 1.3.3 Grafana Alloy versions 1.4.0-rc.0 through 1.4.0-rc.1 Grafana Agent Flow mode version prior to 0.43.3 Description: The issue is related to an Unquoted Search Path or Element vulnerability in Grafana Alloy ...

9.9CVSS6.9AI score0.97781EPSS
Exploits22References166
BDU FSTEC
BDU FSTEC
added 2024/09/18 12:0 a.m.5 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Graphics component in Windows operating systems is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9CVSS5.4AI score0.01749EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.132 views

Axigen Arbitrary File Read And Delete

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Axigen Arbitrary File Read and Delete', 'Description' = %q This module exploits a directory traversal vulnerability in the WebAdmin interface of...

6.4CVSS7AI score0.83632EPSS
Exploits3
VulnCheck KEV
VulnCheck KEV
added 2024/07/25 12:0 a.m.3 views

VulnCheck KEV: CVE-2017-4946

The VMware V4H and V4PA desktop agents 6.x before 6.5.1 contain a privilege escalation vulnerability. Successful exploitation of this issue could result in a low privileged windows user escalating their privileges to SYSTEM...

7.8CVSS7.3AI score0.00498EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.4 views

PT-2024-4964 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a use-after-free vulnerability in the Win32k component Win32k.sys of Windows operating systems, which is associated with memory usage after it has been freed...

7.8CVSS6.9AI score0.00866EPSS
Exploits0References11
OSV
OSV
added 2024/06/20 9:15 p.m.7 views

CVE-2024-36071

Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path...

6.3CVSS5.5AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 2024/06/20 12:0 a.m.64 views

CVE-2024-36071

CVE-2024-36071 affects Samsung Magician 8.0.0 on Windows, where an Untrusted Search Path allows a local attacker with administrative privileges to escalate privileges by tampering with installation directory and DLL files. The CVE’s metrics indicate a local, high-complexity, high-privilege requir...

6.3CVSS7.2AI score0.00142EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/14 6:24 p.m.7 views

CVE-2023-42938

A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.13.1 for Windows. A local attacker may be able to elevate their privileges...

5.9AI score0.00189EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.3 views

PT-2024-2286 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to insufficient access control in the Windows operating system's SCSI device handler, allowing an attacker to potentially elevate their privileges. This could...

7.8CVSS9.2AI score0.00825EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/13 12:0 a.m.5 views

PT-2024-3264 · Intel · Intel Thunderbolt Dch Drivers

Name of the Vulnerable Software and Affected Versions: IntelR ThunderboltTM DCH drivers for Windows versions prior to 88 Description: The issue is related to improper buffer restrictions in some IntelR ThunderboltTM DCH drivers for Windows, which may allow a privileged user to potentially enable...

6.1CVSS7.8AI score0.00172EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.6 views

The vulnerability of the Win32k component in Windows operating systems, which allows attackers to increase their privileges

The vulnerability of the Win32k component in Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.3AI score0.00671EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.7 views

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.3AI score0.06548EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.5 views

PT-2023-11471 · Beyondtrust · Beyondtrust Privilege Management For Windows

Name of the Vulnerable Software and Affected Versions: BeyondTrust Privilege Management for Windows versions through 5.6 Description: An issue was discovered in BeyondTrust Privilege Management for Windows. When adding the Add Admin token to a process and specifying that it runs at medium integri...

7.8CVSS7.2AI score0.00224EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/11/14 7:6 p.m.27 views

CVE-2023-28741

Buffer overflow in some IntelR QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.9CVSS8.3AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2023/10/05 1:15 a.m.5 views

CVE-2023-26236

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe...

7.8CVSS5.8AI score0.00148EPSS
Exploits0References1
OSV
OSV
added 2023/09/06 6:43 p.m.21 views

GHSA-W23Q-4HW3-2PP6 Minio vulnerable to Privilege Escalation on Windows via Path separator manipulation

Impact All users on Windows are impacted. MinIO fails to filter the \ character, which allows for arbitrary object placement across buckets. As a result, a user with low privileges, such as an access key, service account, or STS credential, which only has permission to PutObject in a specific...

8.8CVSS8.5AI score0.00981EPSS
Exploits0References6
OSV
OSV
added 2023/08/30 5:15 p.m.3 views

CVE-2023-40596

In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library DLL that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege...

8.8CVSS5.8AI score0.00156EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/30 4:19 p.m.32 views

CVE-2023-40596 Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL

In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library DLL that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege...

7CVSS9.1AI score0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/08 5:5 p.m.19 views

CVE-2023-36540

Untrusted search path in the installer for Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access...

7.3CVSS7AI score0.00287EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/07/18 12:0 a.m.6 views

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.3AI score0.00431EPSS
Exploits0References3
Rows per page
Query Builder