Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
NA
CVE-2015-4027
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) prior to 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
Acunetix Web Vulnerability Scanner
1 EDB exploit
NA
CVE-2010-3895
esRunCommand in IBM OmniFind Enterprise Edition prior to 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
Ibm Omnifind 8.0
Ibm Omnifind 8.5
Ibm Omnifind 8.4
Ibm Omnifind
1 EDB exploit
7.8
CVSSv3
CVE-2018-14327
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" direc...
Ee Ee40vb Firmware
1 EDB exploit
NA
CVE-2014-7872
Comodo GeekBuddy prior to 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
Comodo Geekbuddy
1 EDB exploit
7.8
CVSSv3
CVE-2016-3643
SolarWinds Virtualization Manager 6.3.1 and previous versions allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
Solarwinds Virtualization Manager
1 EDB exploit
7.8
CVSSv3
CVE-2017-14961
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c.
Ikarussecurity Anti.virus 2.16.7
1 EDB exploit
NA
CVE_2024_24747
MinIO versions prior to 2024-01-31T20-20-33Z suffer from a privilege escalation vulnerability.
8.8
CVSSv3
CVE-2022-38577
ProcessMaker before v3.5.4 exists to contain insecure permissions in the user profile page. This vulnerability allows malicious users to escalate normal users to Administrators.
Processmaker Processmaker
2 Github repositories
7.8
CVSSv3
CVE-2011-3349
lightdm prior to 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.
Lightdm Project Lightdm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »