Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/01 5:27 p.m.21 views

CVE-2026-46243

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References5
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.6 views

GRAU DATA Blocky 安全漏洞

GRAU DATA Blocky is a ransomware protection software from GRAU DATA, Germany. A security vulnerability exists in GRAU DATA Blocky versions prior to 3.1 that stems from storing passwords in an encrypted manner, allowing an attacker to steal a user's Blocky password and impersonate a local user...

5.7CVSS6.6AI score0.00142EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:22 a.m.2 views

SUSE CVE-2015-1170

The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 before 345.20, and R346 before 347.52 does not properly validate local client impersonation levels when performing a "kernel administrator check," which allows local users to gain administrator privileges via unspecified API...

7.2CVSS6.7AI score0.0039EPSS
Exploits0References3
OSV
OSV
added 2022/12/09 2:15 p.m.3 views

CVE-2022-2752

A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7...

7.8CVSS5.8AI score0.00178EPSS
Exploits0References1
OSV
OSV
added 2019/07/25 3:15 p.m.5 views

CVE-2019-4439

IBM Cloud Private 3.1.0, 3.1.1, and 3.1.2 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 162949...

5.3CVSS6.1AI score0.00287EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/01/31 6:35 p.m.5 views

polkit: Temporary auth hijacking via PID reuse and non-atomic fork

A vulnerability was found in polkit. When authentication is performed by a non-root user to perform an administrative task, the authentication is temporarily cached in such a way that a local attacker could impersonate the authorized process, thus gaining access to elevated privileges...

6.7CVSS6.8AI score0.00446EPSS
Exploits0References5
OSV
OSV
added 2018/07/12 1:29 p.m.23 views

PYSEC-2018-25

In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application...

4.7CVSS5.9AI score0.00504EPSS
Exploits0References3
OSV
OSV
added 2015/08/24 1:59 a.m.5 views

DEBIAN-CVE-2015-6563

The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafte...

6.4CVSS8.1AI score0.00378EPSS
Exploits0References1
Rows per page
Query Builder