Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5377
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
Apple Cups 1.3.8
1 EDB exploit
6.8
CVSSv3
CVE-2021-34546
An unauthenticated attacker with physical access to a computer with NetSetMan Pro prior to 5.0 installed, that has the pre-logon profile switch button within the Windows logon screen enabled, is able to drop to an administrative shell and execute arbitrary commands as SYSTEM via ...
Netsetman Netsetman
NA
CVE-2014-9632
The TDI driver (avgtdix.sys) in AVG Internet Security prior to 2013.3495 Hot Fix 18 and 2015.x prior to 2015.5315 and Protection prior to 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call.
Avg Protection
Avg Internet Security
1 EDB exploit
7.8
CVSSv3
CVE-2022-20818
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local malicious user to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabi...
Cisco Sd-wan Vbond Orchestrator
Cisco Sd-wan Vmanage
Cisco Sd-wan Vsmart Controller
Cisco Sd-wan
1 Github repository
NA
CVE-2015-8368
ntopng (aka ntop) prior to 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
Ntop Ntopng
1 EDB exploit
7.8
CVSSv3
CVE-2018-18435
KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders. In addition, the program installs a servic...
Kioware Kioware Server
1 EDB exploit
NA
CVE-2007-5762
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
Novell Netware Client 4.91
1 EDB exploit
8.8
CVSSv3
CVE-2017-6896
Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an malicious user to escalate from user privilege to admin privilege just by modifying the Base64-encoded session cookie value.
Digisol Dg-hr1400 Router Firmware 1.00.02
1 EDB exploit
7.8
CVSSv3
CVE-2018-6947
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and previous versions allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for ...
Nomachine Nomachine
Microsoft Windows 10
Microsoft Windows 8
Microsoft Windows 7
2 EDB exploits
7.8
CVSSv3
CVE-2022-20775
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local malicious user to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabi...
Cisco Sd-wan Vbond Orchestrator
Cisco Sd-wan Vbond Orchestrator 20.8
Cisco Sd-wan Vsmart Controller 20.8
Cisco Sd-wan Vsmart Controller
Cisco Catalyst Sd-wan Manager 20.8
Cisco Catalyst Sd-wan Manager
Cisco Sd-wan
Cisco Sd-wan 20.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »