Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-3483
Race condition in the runScript function in Tunnelblick 3.3beta20 and previous versions allows local users to gain privileges by replacing a script file.
Google Tunnelblick
2 EDB exploits
NA
CVE-2012-3485
Tunnelblick 3.3beta20 and previous versions relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
Google Tunnelblick
2 EDB exploits
NA
CVE-2011-0727
GNOME Display Manager (gdm) 2.x prior to 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
Gnome Gdm 2.2
Gnome Gdm 2.3
Gnome Gdm 2.16
Gnome Gdm 2.17
Gnome Gdm 2.0
Gnome Gdm 2.14
Gnome Gdm 2.15
Gnome Gdm 2.22
Gnome Gdm 2.23
Gnome Gdm 2.30
Gnome Gdm 2.31
Gnome Gdm 2.4
Gnome Gdm 2.5
Gnome Gdm 2.6
Gnome Gdm 2.18
Gnome Gdm 2.19
Gnome Gdm 2.26
Gnome Gdm 2.27
Gnome Gdm 2.8
Gnome Gdm 2.13
Gnome Gdm 2.20
Gnome Gdm 2.21
NA
CVE-2014-9642
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup prior to 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
Bullguard Bdagent.sys
Bullguard Internet Security
Bullguard Online Backup
Bullguard Premium Protection
1 EDB exploit
7.8
CVSSv3
CVE-2018-18857
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
NA
CVE-2008-1625
aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOCTL 0xb2d60030, which allows local users to gain privileges via certain IOCTL requests.
Avast Avast Antivirus Home 4.7.1043
Avast Avast Antivirus Home 4.7.1098
Avast Avast Antivirus Home 4.7.827
Avast Avast Antivirus Home 4.7.844
Avast Avast Antivirus Home 4.7.869
Avast Avast Antivirus Professional 4.7.844
Avast Avast Antivirus Professional 4.7.1043
Avast Avast Antivirus Professional 4.7.1098
Avast Avast Antivirus Professional 4.7.827
1 EDB exploit
9.8
CVSSv3
CVE-2012-4284
A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code
Sparklabs Viscosity 1.4.1
2 EDB exploits
6.5
CVSSv3
CVE-2014-1889
The Group creation process in the Buddypress plugin prior to 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check.
Buddypress Buddypress
1 EDB exploit
7.8
CVSSv3
CVE-2018-18856
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
7.8
CVSSv3
CVE-2018-18858
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »