Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24747
MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, a...
Minio Minio 2024-01-31t20-20-33z
6.9
CVSSv2
CVE-2012-2095
The SetWiredProperty function in the D-Bus interface in WICD prior to 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
Fedoraproject Fedora 17
David Paleino Wicd 1.4.0
Fedoraproject Fedora 16
David Paleino Wicd 1.2.7
David Paleino Wicd 1.5.7
David Paleino Wicd 1.5.8
David Paleino Wicd 1.5.3
David Paleino Wicd 1.4.2
David Paleino Wicd 1.5.2
David Paleino Wicd 1.5.4
David Paleino Wicd 1.3.1
David Paleino Wicd 1.6.2
David Paleino Wicd 1.5.9
David Paleino Wicd
David Paleino Wicd 1.6.0
David Paleino Wicd 1.7.1
David Paleino Wicd 1.5.5
Fedoraproject Fedora 15
David Paleino Wicd 1.7.0
David Paleino Wicd 1.4.1
David Paleino Wicd 1.5.0
David Paleino Wicd 1.5.1
1 EDB exploit
6.5
CVSSv2
CVE-2021-2054
Vulnerability in the RDBMS Sharding component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Any View, Create Any Trigger privilege wit...
Oracle Rdbms Sharding 18c
Oracle Rdbms Sharding 19c
Oracle Rdbms Sharding 12.2.0.1
6.9
CVSSv2
CVE-2016-1531
Exim prior to 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
Exim Exim
3 EDB exploits
6 Github repositories
7.2
CVSSv2
CVE-2018-18860
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Switchvpn Switchvpn 2.1012.03
1 EDB exploit
7.5
CVSSv2
CVE-2014-3300
The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 10 does not properly implement access control, which allows remote malicious users to modify user information via a crafted URL, aka Bug ID CS...
Cisco Unified Communications Domain Manager -
Cisco Unified Cdm Application Software 8.1
Cisco Unified Cdm Application Software
9
CVSSv2
CVE-2014-2197
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a craft...
Cisco Unified Communications Domain Manager -
Cisco Unified Cdm Application Software
10
CVSSv2
CVE-2014-2198
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software prior to 4.4.2 has a hardcoded SSH private key, which makes it easier for remote malicious users to obtain access to the support and root accounts by extracting this key from a binary file found in...
Cisco Unified Communications Domain Manager -
Cisco Unified Cdm Platform Software
7.2
CVSSv2
CVE-2008-5736
Multiple unspecified vulnerabilities in FreeBSD 6 prior to 6.4-STABLE, 6.3 prior to 6.3-RELEASE-p7, 6.4 prior to 6.4-RELEASE-p1, 7.0 prior to 7.0-RELEASE-p7, 7.1 prior to 7.1-RC2, and 7 prior to 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors relate...
Freebsd Freebsd 7.1
Freebsd Freebsd 6.3
Freebsd Freebsd 6.4
Freebsd Freebsd 7.0
Freebsd Freebsd 6.0
1 EDB exploit
6.5
CVSSv2
CVE-2019-14347
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
Schben Adive
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »