Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-7872
Comodo GeekBuddy prior to 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
Comodo Geekbuddy
1 EDB exploit
8.8
CVSSv3
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
NA
CVE-2015-4027
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) prior to 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
Acunetix Web Vulnerability Scanner
1 EDB exploit
7.8
CVSSv3
CVE-2016-3643
SolarWinds Virtualization Manager 6.3.1 and previous versions allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
Solarwinds Virtualization Manager
1 EDB exploit
7.8
CVSSv3
CVE-2018-18860
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Switchvpn Switchvpn 2.1012.03
1 EDB exploit
NA
CVE-2010-3895
esRunCommand in IBM OmniFind Enterprise Edition prior to 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
Ibm Omnifind 8.5
Ibm Omnifind
Ibm Omnifind 8.0
Ibm Omnifind 8.4
1 EDB exploit
7.8
CVSSv3
CVE-2018-6593
An issue exists in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by connecting to the filter communication port and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to e...
Malwarefox Antimalware 2.74.0.150
1 EDB exploit
1 Github repository
4.8
CVSSv3
CVE-2016-5237
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
Valvesoftware Steamos
1 EDB exploit
NA
CVE_2024_24747
MinIO versions prior to 2024-01-31T20-20-33Z suffer from a privilege escalation vulnerability.
8.8
CVSSv3
CVE-2022-38577
ProcessMaker before v3.5.4 exists to contain insecure permissions in the user profile page. This vulnerability allows malicious users to escalate normal users to Administrators.
Processmaker Processmaker
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »