48 matches found
Azure Event Grid System Elevation of Privilege Vulnerability
Improper access control in Azure Event Grid allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-49708
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network...
EUVD-2025-24285
Malicious code in bioql PyPI...
EUVD-2025-24368
Malicious code in bioql PyPI...
Windows NTLM Elevation of Privilege Vulnerability
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network...
CVE-2025-53795
CVE-2025-53795 : Microsoft PC Manager has an improper authorization weakness that could let an unauthenticated attacker elevate privileges over the network. The CVE is documented across multiple feeds (NVD, Microsoft MSRC, Red Hat, CNNVD, PT- Security) with high-severity ratings (CVSS v3.1 base s...
PT-2025-34293 · Microsoft · Pcmanager
Name of the Vulnerable Software and Affected Versions: Microsoft PC Manager affected versions not specified Description: Improper authorization in Microsoft PC Manager can allow an unauthorized attacker to elevate privileges over a network. Recommendations: At the moment, there is no information...
CVE-2025-53779
Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network...
CVE-2025-53779
CVE-2025-53779 is a Windows Kerberos Elevation of Privilege vulnerability. The flaw is described as a relative path traversal in Windows Kerberos that can allow an authorized attacker to elevate privileges over the network, potentially achieving domain administrator rights via the delegated Manag...
Microsoft SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
PT-2025-32739 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: SQL Server affected versions not specified Description: Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network. Recommendations: At the moment, there is no information about a newer version th...
PT-2025-32832
Name of the Vulnerable Software and Affected Versions: SQL Server affected versions not specified Description: The software contains an improper neutralization of special elements used in an SQL command, leading to a potential SQL injection issue. This allows an authorized attacker to elevate...
CVE-2025-33070
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network...
CVE-2025-30390
Improper authorization in Azure allows an authorized attacker to elevate privileges over a network...
Linux Distros Unpatched Vulnerability : CVE-2023-52880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: require CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach...
GroupMe Elevation of Privilege Vulnerability
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network...
CVE-2024-0333
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. Chromium security severity: High...
PT-2023-13576 · Intel · Intel Ema
Name of the Vulnerable Software and Affected Versions: IntelR EMA software versions prior to 1.8.1.0 Description: The issue is related to improper neutralization in the IntelR EMA software, which may allow a privileged user to potentially enable escalation of privilege via network access...
Memory corruption
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to execute arbitrary code...
CVE-2020-4983
IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a user on the local network who has privileges to submit LSF jobs to execute arbitrary commands. IBM X-Force ID: 192586...