Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
administrator privileges vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2015-1170
The NVIDIA Display Driver R304 prior to 309.08, R340 prior to 341.44, R343 prior to 345.20, and R346 prior to 347.52 does not properly validate local client impersonation levels when performing a "kernel administrator check," which allows local users to gain administrat...
Nvidia Gpu Driver R304
Nvidia Gpu Driver R340
Nvidia Gpu Driver R343
Nvidia Gpu Driver R346
187
VMScore
CVE-2020-5362
Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the Dell Manageability interface for which an unauthorized actor, with local system access with OS administrator privileges, could bypass the BIOS Administrator authentication to rest...
Dell Chengming 3967 Firmware
Dell Chengming 3977 Firmware
Dell Chengming 3980 Firmware
Dell Chengming 3988 Firmware
Dell Chengming 3990 Firmware
Dell Chengming 3991 Firmware
Dell G3 15 3500 Firmware
Dell G3 15 3590 Firmware
Dell G3 3579 Firmware
Dell G3 3779 Firmware
Dell G5 15 5500 Firmware
Dell G5 15 5590 Firmware
Dell G5 5587 Firmware
Dell G7 15 7590 Firmware
Dell G7 17 7790 Firmware
Dell G7 7588 Firmware
Dell Embedded Box Pc 5000 Firmware
Dell G5 5090 Firmware
Dell Inspiron 11 2-in-1 3153 Firmware
Dell Inspiron 11 2-in-1 3158 Firmware
Dell Inspiron 13 7370 Firmware
Dell Inspiron 13 2-in-1 5368 Firmware
668
VMScore
CVE-2019-11618
doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this vulnerability to gain administrator privileges for the creation and modification of articles via an H0XZlT44FcN1j9LTdFc5XRXhlF30UaGe1g3cZY6i1K9 access_token in a uri=blog&action=...
Doorgets Doorgets Cms 7.0
365
VMScore
CVE-2015-3202
fusermount in FUSE prior to 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
Debian Debian Linux 8.0
Fuse Project Fuse
1 EDB exploit
NA
CVE-2022-37771
IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.
Iobit Malware Fighter 9.2
605
VMScore
CVE-2017-17056
The ZKTime Web Software 2.0.1.12280 allows the Administrator to elevate the privileges of the application user using a 'password_change()' function of the Modify Password component, reachable via the old_password, new_password1, and new_password2 parameters to the /acco...
Zkteco Zktime Web 2.0.1.12280
711
VMScore
CVE-2014-0038
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel prior to 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
Linux Linux Kernel
Opensuse Opensuse 12.3
4 EDB exploits
4 Github repositories
320
VMScore
CVE-2021-25271
A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318.
Sophos Hitmanpro
890
VMScore
CVE-1999-0760
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
Allaire Coldfusion Server 4.0
Allaire Coldfusion Server 4.0.1
Allaire Coldfusion Server 3.1.1
Allaire Coldfusion Server 3.1.2
Allaire Coldfusion Server 3.0.1
Allaire Coldfusion Server 3.1
Allaire Coldfusion Server 2.0
Allaire Coldfusion Server 3.0
890
VMScore
CVE-2022-24260
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows malicious users to escalate privileges to the Administrator level.
Voipmonitor Voipmonitor
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »