
16 matches found

CNNVD
added 2024/10/15 12:0 a.m., 2 views

NewType FlowMaster BPM Plus Security Vulnerability

NewType FlowMaster BPM Plus is a business process management system from NewType, a Chinese company. A security vulnerability exists in NewType FlowMaster BPM Plus that stems from an elevation-of-privilege vulnerability that could allow a remote attacker with regular privileges to elevate their...

CVSS 8.8, AI score 6.7, EPSS 0.00591
Exploits: 0, References: 3
RedHat Linux
added 2023/10/10 3:54 p.m., 43 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 7.8, AI score 6.8, EPSS 0.12966
Exploits: 10, References: 4
ThreatPost
added 2022/01/31 9:59 p.m., 409 views

Public Exploit Released for Windows 10 Bug

Security teams might have skipped January’s Patch Tuesday after reports of it breaking servers, but it also included a patch for a privilege-escalation bug in Windows 10 that leaves unpatched systems open to malicious actors looking for administrative access. It’s a bug that now has a...

CVSS 7.8, AI score 8, EPSS 0.78376
Exploits: 22, References: 14
Huntr
added 2021/07/03 9:6 a.m., 10 views

in bigprof-software/online-rental-property-manager

💥 BUG privilege escalation bug to add employmentandincomehistory to an applicant. 💥 IMPACT unprivileged user can add employmentandincomehistory to an applicant 💥 STEP TO REPRODUCE 1. From admin account go to http://localhost/online-rental/app/admin/pageViewMembers.php and add new user called user-B...

AI score 0.5
Exploits: 0
RedHat Linux
added 2021/06/09 1:45 a.m., 83 views

Important: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcode_ctl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 8.8, AI score 6.6, EPSS 0.00472
Exploits: 0, References: 5
Hacker One
added 2021/02/26 3:57 p.m., 17 views

GitLab: Reporters can upload design to issues using the "Move to" feature

Summary According to the permission documentation, only role of Developer or more can upload Design Management files. However, using the issue "Move to" feature, a reporter can create an issue with designs. Steps to reproduce 1. Consider a private project say Private Project with a member Reporter...

AI score 0.4
Exploits: 0
ThreatPost
added 2020/09/23 9:5 p.m., 559 views

Zerologon Patches Roll Out Beyond Microsoft

UPDATE The “perfect” Windows vulnerability known as the Zerologon bug is getting a patch assist from two non-Microsoft sources, as they strive to fill in the gaps that the official fix doesn’t address. They roll out as Microsoft announced that it is tracking active exploitation in the wild. “We...

CVSS 9.3, AI score 8.2, EPSS 0.99512
Exploits: 75, References: 10
VulnCheck KEV
added 2019/07/09 12:0 a.m., 2 views

VulnCheck KEV: CVE-2019-0880

A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity...

CVSS 7.8, AI score 7.3, EPSS 0.02404
Exploits: 0, References: 1
ThreatPost
added 2018/05/08 8:27 p.m., 26 views

Sierra Wireless Patches Critical Vulns in Range of Wireless Routers

Sierra Wireless has patched two critical vulnerabilities for its range of wireless gateways that would leave the enterprise devices helpless to an array of remote threats, including the charms of the Reaper IoT botnet. The more critical of the two with a 9.4 CVSSv3 Temp Score is a...

CVSS 10, AI score 1.2, EPSS 0.04486
Exploits: 0, References: 8
Tenable Nessus
added 2018/01/15 12:0 a.m., 43 views

SUSE SLES11 Security Update : glibc (SUSE-SU-2018:0075-1)

This update for glibc fixes the following issues : - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

CVSS 7.8, AI score 7.6, EPSS 0.13614
Exploits: 9, References: 4
OSV
added 2018/01/12 8:44 a.m., 7 views

SUSE-SU-2018:0076-1 Security update for glibc

This update for glibc fixes the following issues: - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A buffer manipulation vulnerability in nscd has been fixed that could possibly have lead to an nscd daemon crash or code execution as the user...

CVSS 9.8, AI score 8.8, EPSS 0.13614
Exploits: 11, References: 5
exploitpack
added 2016/11/02 12:0 a.m., 37 views

LifeSize Room 5.0.9 - Multiple Vulnerabilities

LifeSize Room 5.0.9 - Multiple Vulnerabilities Source: https://github.com/XiphosResearch/exploits/tree/master/deathsize LifeSize Room 5.0.9, remote config disclosure, code execution & local privilege escalation Ultimately the Lifesize Room products have fundamentally flawed firmware, many similar...

AI score 0.3
Exploits: 0
Packet Storm
added 2015/08/23 12:0 a.m., 47 views

Firefox PDF.js Privileged Javascript Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Firefox PDF.js Privileged Javascript Injection', 'Description' = %q This module gains remote code execution on Firefox 35-36 by...

CVSS 5, AI score 0.6, EPSS 0.67465
Exploits: 4
NVD
added 2013/10/02 10:55 p.m., 18 views

CVE-2012-4102

The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System UCS allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02600...

CVSS 6.8, AI score 7, EPSS 0.00346
Exploits: 0, References: 1
ThreatPost
added 2013/07/08 9:45 a.m., 41 views

July 2013 Microsoft Patch Tuesday Security Updates

A critical Windows kernel vulnerability, publicly disclosed in May by a Google security engineer, will be patched tomorrow when Microsoft releases its July Patch Tuesday security updates. Tavis Ormandy, who has controversially disclosed Windows vulnerability details in the past, made a posting to...

CVSS 6.9, AI score 0.2, EPSS 0.39578
Exploits: 6, References: 6
Exploit DB
added 2013/05/14 12:0 a.m., 222 views

Linux Kernel 2.6.32 < 3.x (CentOS 5/6) - 'PERF_EVENTS' Local Privilege Escalation (1)

/ linux 2.6.37-3.x.x x8664, 100 LOC gcc-4.6 -O2 semtex.c && ./a.out 2010 [email protected], salut! update may 2013: seems like centos 2.6.32 backported the perf bug, lol. jewgold to 115T6jzGrVMgQ2Nt1Wnua7Ch1EuL9WXT2g if you insist. EDB Note: Update...

CVSS 8.4, AI score 7, EPSS 0.47709
Exploits: 15