
11 matches found

ATTACKERKB
added 2026/04/16 4:45 a.m. · 6 views

CVE-2026-22615

Due to improper input validation in one of the Eaton Intelligent Power Protector IPP XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version...

CVSS 6 · AI score 5.9 · EPSS 0.00342
Exploits 0 · References 2
Cvelist
added 2026/02/10 3:2 a.m. · 29 views

CVE-2026-23685 Insecure Deserialization vulnerability in SAP NetWeaver (JMS service)

Due to a Deserialization vulnerability in SAP NetWeaver JMS service, an attacker authenticated as an administrator with local access could submit specially crafted content to the server. If processed by the application, this content could trigger unintended behavior during internal logic executio...

CVSS 4.4 · EPSS 0.00124
Exploits 0 · References 2
OSV
added 2025/01/27 11:15 p.m. · 3 views

CVE-2024-56178

An issue was discovered in Couchbase Server 7.6.x through 7.6.3. A user with the securityadminlocal role can create a new user in a group that has the admin role...

CVSS 6.5 · AI score 5.8 · EPSS 0.00326
Exploits 0 · References 1
Positive Technologies
added 2024/12/28 12:0 a.m. · 4 views

PT-2025-3199 · Couchbase · Couchbase Server

Name of the Vulnerable Software and Affected Versions: Couchbase Server versions 7.6.x through 7.6.3 Description: An issue was discovered that allows a user with the security admin local role to create a new user in a group that has the admin role. This is related to incorrect permission storage...

CVSS 8.5 · AI score 7 · EPSS 0.00326
Exploits 0 · References 7
NVD
added 2022/04/08 8:15 p.m. · 19 views

CVE-2021-36293

Dell VNX2 for File, version 8.1.21.266 and earlier, contains a privilege escalation vulnerability. A local malicious admin may potentially exploit this vulnerability and gain elevated privileges...

CVSS 6.7 · EPSS 0.00193
Exploits 0 · References 1
OSV
added 2021/12/01 12:0 a.m. · 5 views

PUB-A-192247339

In hasGrantedPolicy of DevicePolicyManagerService.java, there is a possible information disclosure about the device owner, profile owner, or device admin due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User...

CVSS 5.5 · AI score 7 · EPSS 0.0011
Exploits 0 · References 2
OSV
added 2020/09/04 2:15 p.m. · 3 views

CVE-2020-7299

Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key TK prior to 6.2.109.2 allows a local user logged in with administrative privileges to access another user’s passwords on the same machine via triggering a process dump in specific...

CVSS 4.1 · AI score 5.8 · EPSS 0.00359
Exploits 0 · References 1
OSV
added 2020/04/23 6:15 p.m. · 3 views

CVE-2020-8797

Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call aka Command Line Injection, if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network...

CVSS 6.7 · AI score 5.8 · EPSS 0.00895
Exploits 1 · References 1
BDU FSTEC
added 2019/10/01 12:0 a.m. · 20 views

The vulnerability of the fly-admin-local-se component in the FLY operating system of the Astra Linux platform allows an attacker to compromise data integrity, gain unauthorized access to protected information, and cause service interruptions.

The vulnerability of the fly-admin-local-se component in the FLY operating system of Astra Linux is related to logging errors when changing user privileges, as well as errors in creating rules for devices with the same name. Exploiting this vulnerability can allow attackers to compromise data...

CVSS 6.3 · AI score 5.5
Exploits 0 · References 1
BDU FSTEC
added 2019/10/01 12:0 a.m. · 4 views

The vulnerability of the fly-admin-local component in the FLY operating system environment of the Astra Linux platform involves incorrect processing of input data. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the fly-admin-local component in the FLY operating system environment of Astra Linux is related to the malfunction of the utility when the network is disconnected. Additionally, there is an incorrect interpretation of parameters in the configuration files for pam-tally and...

CVSS 6.3 · AI score 5.6
Exploits 0 · References 1
BDU FSTEC
added 2019/02/07 12:0 a.m. · 5 views

The vulnerability of the fly-admin-local package on the Astra Linux operating system allows a hacker to influence certain security policy rules.

The vulnerability of the fly-admin-local package in the Astra Linux operating system is related to an error in enabling the “kiosk” mode when the /etc/xdg/rusbitech file and the astra-console group are absent. Exploiting this vulnerability can allow a perpetrator to influence certain security...

CVSS 6.3 · AI score 5.5
Exploits 0