Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2019-3010
Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Orac...
Oracle Solaris 11
1 EDB exploit
1 Github repository
9
CVSSv2
CVE-2017-12479
It exists that an issue in the session logic in Unitrends Backup (UB) prior to 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could t...
Kaseya Unitrends Backup
1 EDB exploit
4.4
CVSSv2
CVE-2014-2630
Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.
Hp Operations Agent 11.0
1 Github repository
9
CVSSv2
CVE-2014-2197
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a craft...
Cisco Unified Cdm Application Software
Cisco Unified Communications Domain Manager -
10
CVSSv2
CVE-2014-2198
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software prior to 4.4.2 has a hardcoded SSH private key, which makes it easier for remote malicious users to obtain access to the support and root accounts by extracting this key from a binary file found in...
Cisco Unified Cdm Platform Software
Cisco Unified Communications Domain Manager -
7.5
CVSSv2
CVE-2014-3300
The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software prior to 10 does not properly implement access control, which allows remote malicious users to modify user information via a crafted URL, aka Bug ID CS...
Cisco Unified Communications Domain Manager -
Cisco Unified Cdm Application Software 8.1
Cisco Unified Cdm Application Software
7.2
CVSSv2
CVE-2018-18859
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
7.2
CVSSv2
CVE-2018-18856
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
7.2
CVSSv2
CVE-2018-18857
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
7.2
CVSSv2
CVE-2018-18858
Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client up to and including 1.37 for macOS. An attacker can communicate with an unprotected XPC service and directly execute arbitrary OS commands as root or load a potentially malicious kern...
Liquidvpn Liquidvpn
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »