Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-18856
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
7.8
CVSSv3
CVE-2017-6178
The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference.
Usbpcap Project Usbpcap 1.1.0.0
1 EDB exploit
7.8
CVSSv3
CVE-2018-18858
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
7.8
CVSSv3
CVE-2018-10900
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an malicious user to execute arbi...
Gnome Network Manager Vpnc
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit
NA
CVE-2014-0476
The slapper function in chkrootkit prior to 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 13.10
Chkrootkit Chkrootkit
2 EDB exploits
8.8
CVSSv3
CVE-2023-32707
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by...
Splunk Splunk Cloud Platform
Splunk Splunk
1 Metasploit module
3 Github repositories
NA
CVE-2013-4011
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
Ibm Aix 6.1
Ibm Aix 7.1
Ibm Vios 2.2.2.2
2 EDB exploits
NA
CVE-2015-4027
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) prior to 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
Acunetix Web Vulnerability Scanner
1 EDB exploit
8.8
CVSSv3
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
7.8
CVSSv3
CVE-2018-6593
An issue exists in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by connecting to the filter communication port and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to e...
Malwarefox Antimalware 2.74.0.150
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »