Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-4341
Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI
Broadcom Raid Controller Web Interface 51.12.0-2779
9.8
CVSSv3
CVE-2023-21242
In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for ...
Google Android 13.0
9.8
CVSSv3
CVE-2023-20965
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploita...
Google Android 13.0
9.8
CVSSv3
CVE-2023-25775
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Intel Ethernet Controller Rdma Driver For Linux
9.8
CVSSv3
CVE-2023-39004
Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition prior to 23.7 and Business Edition prior to 23.4.2 allow malicious users to access sensitive information (e.g., hashed root password) which could lead to privilege escalation.
Opnsense Opnsense
9.8
CVSSv3
CVE-2023-39213
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client prior to 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.
Zoom Virtual Desktop Infrastructure
Zoom Zoom
9.8
CVSSv3
CVE-2023-20586
A potential vulnerability was reported in Radeon™ Software Crimson ReLive Edition which may allow escalation of privilege. Radeon™ Software Crimson ReLive Edition falls outside of the security support lifecycle and AMD does not plan to release any mitigations
Amd Radeon Software -
9.8
CVSSv3
CVE-2023-39216
Improper input validation in Zoom Desktop Client for Windows prior to 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
Zoom Zoom
9.8
CVSSv3
CVE-2023-36534
Path traversal in Zoom Desktop Client for Windows prior to 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
Zoom Zoom
9.8
CVSSv3
CVE-2023-30765
?Delta Electronics InfraSuite Device Master versions before 1.0.7 contain improper access controls that could allow an malicious user to alter privilege management configurations, resulting in privilege escalation.
Deltaww Infrasuite Device Master
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »