Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
NA
CVE-2015-4027
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) prior to 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
Acunetix Web Vulnerability Scanner
1 EDB exploit
NA
CVE-2014-7872
Comodo GeekBuddy prior to 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
Comodo Geekbuddy
1 EDB exploit
NA
CVE-2013-4011
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
Ibm Aix 6.1
Ibm Aix 7.1
Ibm Vios 2.2.2.2
2 EDB exploits
8.8
CVSSv3
CVE-2019-12181
A privilege escalation vulnerability exists in SolarWinds Serv-U prior to 15.1.7 for Linux.
Solarwinds Serv-u Mft Server
Solarwinds Serv-u Ftp Server
3 EDB exploits
2 Github repositories
8.8
CVSSv3
CVE-2021-40857
Auerswald COMpact 5500R devices prior to 8.2B allow Privilege Escalation via the passwd=1 substring.
Auerswald Compact 5500r Ip Firmware
Auerswald Compact 5200r Ip Firmware
Auerswald Compact 5000r Ip Firmware
Auerswald Compact 4000 Ip Firmware
Auerswald Commander 6000r Ip Firmware
Auerswald Commander 6000rx Ip Firmware
Auerswald Commander Business\\(19\\\"\\) Ip Firmware
Auerswald Commander Basic.2\\(19\\\"\\) Ip Firmware
Auerswald Compact 5010 Voip Ip Firmware
Auerswald Compact 5020 Voip Ip Firmware
6.5
CVSSv3
CVE-2017-1000373
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows malicious users to consume arbitrary amounts of stack memory and manipulate st...
Openbsd Openbsd
1 EDB exploit
NA
CVE-2009-0036
Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the ...
Libvirt Libvirt 0.5.1
1 EDB exploit
8.8
CVSSv3
CVE-2017-15013
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, w...
Opentext Documentum Content Server
1 EDB exploit
7.5
CVSSv3
CVE-2017-5227
QNAP QTS prior to 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file.
Qnap Qts
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »