Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
470
VMScore
CVE-2017-3630
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compr...
Oracle Solaris 10
Oracle Solaris 11
2 EDB exploits
470
VMScore
CVE-2017-3631
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise ...
Oracle Solaris 11
2 EDB exploits
730
VMScore
CVE-2010-4170
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.
Systemtap Systemtap 1.3
2 EDB exploits
725
VMScore
CVE-2018-0438
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local malicious user to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is d...
Cisco Umbrella Enterprise Roaming Client
1 EDB exploit
465
VMScore
CVE-2019-18862
maidag in GNU Mailutils prior to 3.8 is installed setuid and allows local privilege escalation in the url mode.
Gnu Mailutils
1 EDB exploit
641
VMScore
CVE-2018-18535
The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and previous versions exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
Asus Aura Sync Firmware 1.07.22
641
VMScore
CVE-2018-18536
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and previous versions expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
Asus Aura Sync Firmware 1.07.22
187
VMScore
CVE-2018-18537
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and previous versions exposes a path to write an arbitrary DWORD to an arbitrary address.
Asus Aura Sync Firmware 1.07.22
655
VMScore
CVE-2015-7707
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.
Igniterealtime Openfire 3.10.2
1 EDB exploit
642
VMScore
CVE-2018-19321
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and previous versions, AORUS GRAPHICS ENGINE prior to 1.57, XTREME GAMING ENGINE prior to 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by...
Gigabyte App Center
Gigabyte Aorus Graphics Engine
Gigabyte Xtreme Gaming Engine
Gigabyte Oc Guru Ii 2.08
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »