Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2014-2197
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a craft...
Cisco Unified Cdm Application Software
Cisco Unified Communications Domain Manager -
830
VMScore
CVE-2014-3300
The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 10 does not properly implement access control, which allows remote malicious users to modify user information via a crafted URL, aka Bug ID CS...
Cisco Unified Communications Domain Manager -
Cisco Unified Cdm Application Software 8.1
Cisco Unified Cdm Application Software
905
VMScore
CVE-2017-12479
It exists that an issue in the session logic in Unitrends Backup (UB) prior to 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could t...
Kaseya Unitrends Backup
1 EDB exploit
466
VMScore
CVE-2018-6606
An issue exists in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by sending IOCTL 0x80002010 and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges.
Malwarefox Antimalware 2.74.0.150
1 EDB exploit
2 Github repositories
725
VMScore
CVE-2008-5736
Multiple unspecified vulnerabilities in FreeBSD 6 prior to 6.4-STABLE, 6.3 prior to 6.3-RELEASE-p7, 6.4 prior to 6.4-RELEASE-p1, 7.0 prior to 7.0-RELEASE-p7, 7.1 prior to 7.1-RC2, and 7 prior to 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors relate...
Freebsd Freebsd 6.0
Freebsd Freebsd 6.3
Freebsd Freebsd 7.0
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
1 EDB exploit
725
VMScore
CVE-2020-3950
VMware Fusion (11.x prior to 11.5.2), VMware Remote Console for Mac (11.x and prior prior to 11.0.1) and Horizon Client for Mac (5.x and prior prior to 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issu...
Vmware Fusion
Vmware Horizon Client
Vmware Remote Console
1 EDB exploit
1000
VMScore
CVE-2011-2921
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.
Ktsuss Project Ktsuss
1 EDB exploit
655
VMScore
CVE-2019-14347
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
Schben Adive
1 EDB exploit
1000
VMScore
CVE-2018-5701
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
Iolo System Shield 5.0.0.136
1 EDB exploit
695
VMScore
CVE-2017-14798
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
Postgresql Postgresql
Suse Suse Linux Enterprise Server 11
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »