7 matches found
CVE-2024-38492
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file...
CVE-2023-20266
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected...
CVE-2025-24505
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file...
CVE-2025-24505
Technical details about CVE-2025-24505, including affected products, versions, root cause, and fixes, are not publicly available in the provided connected documents. Monitor for updates.
PT-2025-5377 · Unknown · Symantec Privileged Access Management
Name of the Vulnerable Software and Affected Versions: Privileged Access Management System affected versions not specified Description: This issue allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrad...
CVE-2023-20266
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected...
PT-2021-20218 · Naver · Naver Toolbar
Name of the Vulnerable Software and Affected Versions: NAVER Toolbar versions prior to 4.0.30.323 Description: The issue allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in the filename parameter can bypass the code signing check function...