Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
superuser vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2013-4226
The Authenticated User Page Caching (Authcache) module 7.x-1.x prior to 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the ...
Drupal Authenticated User Page Caching 7.x-1.0
Drupal Authenticated User Page Caching 7.x-1.1
Drupal Authenticated User Page Caching 7.x-1.2
Drupal Authenticated User Page Caching 7.x-1.3
Drupal Authenticated User Page Caching 7.x-1.4
Drupal Authenticated User Page Caching 7.x-1.5
6.2
CVSSv3
CVE-2018-14801
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that can be used to access and modify all settings on the device, as well as allow th...
Philips Pagewriter Tc70 Firmware -
Philips Pagewriter Tc50 Firmware -
Philips Pagewriter Tc30 Firmware -
Philips Pagewriter Tc20 Firmware -
Philips Pagewriter Tc10 Firmware -
7
CVSSv3
CVE-2019-10210
Postgresql Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file.
Postgresql Postgresql
8.8
CVSSv3
CVE-2023-41119
An issue exists in EnterpriseDB Postgres Advanced Server (EPAS) prior to 11.21.32, 12.x prior to 12.16.20, 13.x prior to 13.12.16, 14.x prior to 14.9.0, and 15.x prior to 15.4.0. It contains the function _dbms_aq_move_to_exception_queue that may be used to elevate a user's p...
Enterprisedb Postgres Advanced Server
8.8
CVSSv3
CVE-2021-3165
SmartAgent 3.1.0 allows a ViewOnly malicious user to create a SuperUser account via the /#/CampaignManager/users URI.
Missionlabs Smartagent 3.1.0
1 Github repository
8.8
CVSSv3
CVE-2018-13032
ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.
Ecessa Shieldlink Sl175ehq Firmware 10.7.4
NA
CVE-2015-1481
Ansible Tower (aka Ansible UI) prior to 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account.
Ansible Tower
1 EDB exploit
9.8
CVSSv3
CVE-2022-1668
Weak default root user credentials allow remote malicious users to easily obtain OS superuser privileges over the open TCP port for SSH.
Secheron Sepcos Control And Protection Relay Firmware
7.8
CVSSv3
CVE-2019-17437
An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions before 7.1.25; 8.0 versions before 8.0.20; 8.1 versions before...
Paloaltonetworks Pan-os
9.8
CVSSv3
CVE-2023-1778
This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote malicious user to login as superuser by using default username/password via web-based management interface and/or ...
Gajshield Data Security Firewall Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »