Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-32707
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by...
Splunk Splunk Cloud Platform
Splunk Splunk
1 Metasploit module
3 Github repositories
NA
CVE-2013-4011
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
Ibm Aix 6.1
Ibm Aix 7.1
Ibm Vios 2.2.2.2
2 EDB exploits
7.8
CVSSv3
CVE-2018-14327
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" direc...
Ee Ee40vb Firmware
1 EDB exploit
7.8
CVSSv3
CVE-2018-6593
An issue exists in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by connecting to the filter communication port and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to e...
Malwarefox Antimalware 2.74.0.150
1 EDB exploit
1 Github repository
4.8
CVSSv3
CVE-2016-5237
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
Valvesoftware Steamos
1 EDB exploit
NA
CVE-2010-3895
esRunCommand in IBM OmniFind Enterprise Edition prior to 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
Ibm Omnifind 8.5
Ibm Omnifind
Ibm Omnifind 8.0
Ibm Omnifind 8.4
1 EDB exploit
8.8
CVSSv3
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
7.8
CVSSv3
CVE-2018-18860
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Switchvpn Switchvpn 2.1012.03
1 EDB exploit
7.8
CVSSv3
CVE-2016-3643
SolarWinds Virtualization Manager 6.3.1 and previous versions allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
Solarwinds Virtualization Manager
1 EDB exploit
7.8
CVSSv3
CVE-2017-14961
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c.
Ikarussecurity Anti.virus 2.16.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »