Lucene search
K

258 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:13 p.m.8 views

CVE-2020-12431

A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...

6.6CVSS7AI score0.0055EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:11 p.m.8 views

CVE-2020-12324

Protection mechanism failure in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7AI score0.00319EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/05/14 12:0 a.m.6 views

The vulnerability of the Windows Common Log File System Driver in the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Windows Common Log File System Driver in the operating system is related to the possibility of using memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS8AI score0.01291EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/05/05 12:0 a.m.12 views

Docker Desktop < 4.41.0 Privilege Escalation

The version of Docker Desktop for Windows is prior to 4.41.0. It is therefore affected by a privilege escalation vulnerability. A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTE...

7.8CVSS5.8AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2025/04/28 12:15 a.m.11 views

CVE-2025-26692

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory 'Path Traversal'. If exploited, arbitrary code may be executed by a remote unauthenticated attacker with the Windows system privilege where the product is running...

9.2CVSS0.00777EPSS
Exploits0References3
NVD
NVD
added 2025/04/03 4:15 p.m.22 views

CVE-2024-4877

OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges...

8.8CVSS0.00436EPSS
Exploits0References2
OSV
OSV
added 2025/04/03 4:15 p.m.10 views

CVE-2024-4877

OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges...

8.8CVSS7.2AI score0.00436EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/12 6:35 p.m.45 views

CVE-2025-0117 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and...

7.1CVSS6.7AI score0.0015EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/11 4:59 p.m.13 views

CVE-2025-24994 Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability

...

7.3CVSS7.2AI score0.01165EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 8:13 a.m.2 views

CVE-2025-0889

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process...

7.8CVSS5.8AI score0.00196EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/02/21 7:37 p.m.1026 views

Exploit for Execution with Unnecessary Privileges in Microsoft

CVE-2024-43583 - Windows Privilege Escalation Exploit Author...

7.8CVSS7.3AI score0.0133EPSS
Exploits1
Cvelist
Cvelist
added 2025/02/12 9:19 p.m.9 views

CVE-2024-32938

Uncontrolled search path for some IntelR MPI Library for Windows software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS0.00187EPSS
Exploits0References1
OSV
OSV
added 2025/02/06 8:15 a.m.2 views

CVE-2025-23236

Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained...

8.8CVSS7.3AI score0.00182EPSS
Exploits0References2
CVE
CVE
added 2025/02/06 7:5 a.m.57 views

CVE-2025-22890

Defense Platform Home Edition (Humming Heads)

8.8CVSS7.3AI score0.00179EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/01/29 5:46 p.m.15 views

CVE-2025-24789 Snowflake JDBC allows an untrusted search path on Windows

Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write...

7.8CVSS8AI score0.00252EPSS
Exploits0References4
CVE
CVE
added 2025/01/14 6:3 p.m.107 views

CVE-2025-21281

CVE-2025-21281 is a Microsoft Windows COM elevation-of-privilege vulnerability. The CVE entry maps to Windows COM with a high CVSS v3.1 score (7.8, LOW_PRIVILEGES, LOCAL vector; no user interaction; confidentiality/integrity/availability impact: HIGH). The connected documents identify the affecte...

7.8CVSS7.7AI score0.00593EPSS
Exploits0References1Affected Software14
Vulnrichment
Vulnrichment
added 2025/01/02 3:25 p.m.8 views

CVE-2024-55540

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 Windows before build 39169...

6.6CVSS7.2AI score0.00162EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2024/12/06 8:29 p.m.36 views

Metasploit Weekly Wrap-Up 12/06/2024

Post-Thanksgiving Big Release This week's release is an impressive one. It adds 9 new modules, which will get you remote code execution on products such as Ivanti Connect Secure, VMware vCenter Server, Asterisk, Fortinet FortiManager and Acronis Cyber Protect. It also includes an account takeover...

9.8CVSS9.4AI score0.94761EPSS
Exploits64
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.5 views

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to the use of an untrustworthy pointer. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.4AI score0.00678EPSS
Exploits0References2
NVD
NVD
added 2024/09/25 11:15 a.m.18 views

CVE-2024-7481

Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewerservice.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and...

8.8CVSS0.00268EPSS
Exploits2References1
Rows per page
Query Builder