Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1191
Cisco NX-OS 6.1 prior to 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud8840...
Cisco Nx-os 6.1\\(4a\\)
Cisco Nx-os 6.1\\(4\\)
Cisco Nx-os 6.1
Cisco Nx-os 6.1\\(1\\)
Cisco Nx-os 6.1\\(3\\)
Cisco Nx-os 6.1\\(2\\)
Cisco Nexus 7000 -
Cisco Nexus 7000 10-slot -
Cisco Nexus 7000 18-slot -
Cisco Nexus 7000 9-slot -
NA
CVE-2006-1960
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express prior to 2.13 allows remote malicious users to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archi...
Cisco Wireless Lan Solution Engine 2.0
Cisco Wireless Lan Solution Engine 2.1
Cisco Wireless Lan Solution Engine 2.10
Cisco Wireless Lan Solution Engine 2.13
Cisco Wireless Lan Solution Engine 2.2
Cisco Wireless Lan Solution Engine 2.5
Cisco Wireless Lan Solution Engine 2.6
Cisco Wireless Lan Solution Engine 2.11
Cisco Wireless Lan Solution Engine 2.12
Cisco Wireless Lan Solution Engine 2.3
Cisco Wireless Lan Solution Engine 2.4
Cisco Wireless Lan Solution Engine 2.7
Cisco Wireless Lan Solution Engine 2.8
Cisco Wireless Lan Solution Engine 2.9
1 EDB exploit
7.8
CVSSv3
CVE-2020-25106
Nanosystems SupRemo 4.1.3.2348 allows malicious users to obtain LocalSystem access because File Manager can be used to rename Supremo.exe and then upload a Trojan horse with the Supremo.exe filename.
Supremocontrol Supremo 4.1.3.2348
8.8
CVSSv3
CVE-2013-6231
SpagoBI prior to 4.1 has Privilege Escalation via an error in the AdapterHTTP script
Eng Spagobi
1 EDB exploit
7.5
CVSSv3
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
308 Github repositories
4 Articles
NA
CVE-2012-2095
The SetWiredProperty function in the D-Bus interface in WICD prior to 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
Fedoraproject Fedora 15
David Paleino Wicd 1.5.3
David Paleino Wicd 1.5.2
David Paleino Wicd 1.5.1
David Paleino Wicd 1.5.0
Fedoraproject Fedora 16
David Paleino Wicd
David Paleino Wicd 1.5.6
David Paleino Wicd 1.5.4
David Paleino Wicd 1.4.2
David Paleino Wicd 1.4.0
David Paleino Wicd 1.7.0
David Paleino Wicd 1.6.2
David Paleino Wicd 1.6.0
David Paleino Wicd 1.5.9
David Paleino Wicd 1.5.8
David Paleino Wicd 1.2.7
Fedoraproject Fedora 17
David Paleino Wicd 1.7.1
David Paleino Wicd 1.5.7
David Paleino Wicd 1.5.5
David Paleino Wicd 1.4.1
1 EDB exploit
8.8
CVSSv3
CVE-2024-24747
MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, a...
Minio Minio 2024-01-31t20-20-33z
7
CVSSv3
CVE-2016-1531
Exim prior to 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
Exim Exim
3 EDB exploits
6 Github repositories
7.8
CVSSv3
CVE-2018-18860
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Switchvpn Switchvpn 2.1012.03
1 EDB exploit
NA
CVE-2012-3485
Tunnelblick 3.3beta20 and previous versions relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
Google Tunnelblick
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »