Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3300
The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 10 does not properly implement access control, which allows remote malicious users to modify user information via a crafted URL, aka Bug ID CS...
Cisco Unified Communications Domain Manager -
Cisco Unified Cdm Application Software 8.1
Cisco Unified Cdm Application Software
NA
CVE-2014-2197
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a craft...
Cisco Unified Communications Domain Manager -
Cisco Unified Cdm Application Software
NA
CVE-2014-2198
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software prior to 4.4.2 has a hardcoded SSH private key, which makes it easier for remote malicious users to obtain access to the support and root accounts by extracting this key from a binary file found in...
Cisco Unified Communications Domain Manager -
Cisco Unified Cdm Platform Software
8.8
CVSSv3
CVE-2024-24747
MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, a...
Minio Minio 2024-01-31t20-20-33z
7.2
CVSSv3
CVE-2021-2054
Vulnerability in the RDBMS Sharding component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Any View, Create Any Trigger privilege wit...
Oracle Rdbms Sharding 18c
Oracle Rdbms Sharding 19c
Oracle Rdbms Sharding 12.2.0.1
NA
CVE-2012-2095
The SetWiredProperty function in the D-Bus interface in WICD prior to 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
Fedoraproject Fedora 17
David Paleino Wicd 1.4.0
Fedoraproject Fedora 16
David Paleino Wicd 1.2.7
David Paleino Wicd 1.5.7
David Paleino Wicd 1.5.8
David Paleino Wicd 1.5.3
David Paleino Wicd 1.4.2
David Paleino Wicd 1.5.2
David Paleino Wicd 1.5.4
David Paleino Wicd 1.3.1
David Paleino Wicd 1.6.2
David Paleino Wicd 1.5.9
David Paleino Wicd
David Paleino Wicd 1.6.0
David Paleino Wicd 1.7.1
David Paleino Wicd 1.5.5
Fedoraproject Fedora 15
David Paleino Wicd 1.7.0
David Paleino Wicd 1.4.1
David Paleino Wicd 1.5.0
David Paleino Wicd 1.5.1
1 EDB exploit
7
CVSSv3
CVE-2016-1531
Exim prior to 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
Exim Exim
3 EDB exploits
6 Github repositories
7.8
CVSSv3
CVE-2018-18860
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Switchvpn Switchvpn 2.1012.03
1 EDB exploit
7.8
CVSSv3
CVE-2020-3950
VMware Fusion (11.x prior to 11.5.2), VMware Remote Console for Mac (11.x and prior prior to 11.0.1) and Horizon Client for Mac (5.x and prior prior to 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issu...
Vmware Fusion
Vmware Horizon Client
Vmware Remote Console
1 EDB exploit
7.8
CVSSv3
CVE-2024-21116
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are before 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox execut...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »