Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-25106
Nanosystems SupRemo 4.1.3.2348 allows malicious users to obtain LocalSystem access because File Manager can be used to rename Supremo.exe and then upload a Trojan horse with the Supremo.exe filename.
Supremocontrol Supremo 4.1.3.2348
8.8
CVSSv3
CVE-2013-6231
SpagoBI prior to 4.1 has Privilege Escalation via an error in the AdapterHTTP script
Eng Spagobi
1 EDB exploit
NA
CVE-2006-1960
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express prior to 2.13 allows remote malicious users to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archi...
Cisco Wireless Lan Solution Engine 2.0
Cisco Wireless Lan Solution Engine 2.1
Cisco Wireless Lan Solution Engine 2.10
Cisco Wireless Lan Solution Engine 2.13
Cisco Wireless Lan Solution Engine 2.2
Cisco Wireless Lan Solution Engine 2.5
Cisco Wireless Lan Solution Engine 2.6
Cisco Wireless Lan Solution Engine 2.11
Cisco Wireless Lan Solution Engine 2.12
Cisco Wireless Lan Solution Engine 2.3
Cisco Wireless Lan Solution Engine 2.4
Cisco Wireless Lan Solution Engine 2.7
Cisco Wireless Lan Solution Engine 2.8
Cisco Wireless Lan Solution Engine 2.9
1 EDB exploit
NA
CVE-2012-2095
The SetWiredProperty function in the D-Bus interface in WICD prior to 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
Fedoraproject Fedora 15
David Paleino Wicd 1.5.3
David Paleino Wicd 1.5.2
David Paleino Wicd 1.5.1
David Paleino Wicd 1.5.0
Fedoraproject Fedora 16
David Paleino Wicd
David Paleino Wicd 1.5.6
David Paleino Wicd 1.5.4
David Paleino Wicd 1.4.2
David Paleino Wicd 1.4.0
David Paleino Wicd 1.7.0
David Paleino Wicd 1.6.2
David Paleino Wicd 1.6.0
David Paleino Wicd 1.5.9
David Paleino Wicd 1.5.8
David Paleino Wicd 1.2.7
Fedoraproject Fedora 17
David Paleino Wicd 1.7.1
David Paleino Wicd 1.5.7
David Paleino Wicd 1.5.5
David Paleino Wicd 1.4.1
1 EDB exploit
7.2
CVSSv3
CVE-2021-2054
Vulnerability in the RDBMS Sharding component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Any View, Create Any Trigger privilege wit...
Oracle Rdbms Sharding 12.2.0.1
Oracle Rdbms Sharding 18c
Oracle Rdbms Sharding 19c
8.8
CVSSv3
CVE-2024-24747
MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, a...
Minio Minio 2024-01-31t20-20-33z
7
CVSSv3
CVE-2016-1531
Exim prior to 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
Exim Exim
3 EDB exploits
6 Github repositories
7.8
CVSSv3
CVE-2018-18860
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Switchvpn Switchvpn 2.1012.03
1 EDB exploit
NA
CVE-2012-3485
Tunnelblick 3.3beta20 and previous versions relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
Google Tunnelblick
2 EDB exploits
8.8
CVSSv3
CVE-2019-14347
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
Schben Adive
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »