2 matches found
CVE-2025-0425 Local Privilege Escalation via Config Manipulation
Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change the server address of the "bestinformed Server" to which this client connects. This is dangerous as the "bestinformed Infoclient" runs with elevated permissions "nt authority\system". By changing the...
The vulnerability of the Firefox browser, which allows a remote attacker to bypass certificate verification
The vulnerability of the Firefox browser in handling alternative HTTP services allows a malicious actor to bypass the X.509 certificate verification for SSL servers by modifying the server address in the uri-host header of the HTTP/2 response...