Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2833
The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rx_set_screen_options' function. This makes it possible for authenticated attackers, with minimal permissions such as ...
Wpdeveloper Reviewx
1 Github repository
7.2
CVSSv2
CVE-2016-8769
Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file in the search path of the affected service and obtain elevated privileges after t...
Huawei Utps Firmware
1 EDB exploit
7.2
CVSSv2
CVE-2016-6253
mail.local in NetBSD versions 6.0 up to and including 6.0.6, 6.1 up to and including 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
Netbsd Netbsd 6.1.3
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 6.0.2
Netbsd Netbsd 6.0.3
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1.4
Netbsd Netbsd 7.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1
Netbsd Netbsd 6.1.5
2 EDB exploits
6
CVSSv2
CVE-2017-3316
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox before 5.0.32 and before 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
Oracle Vm Virtualbox 5.0.30
Oracle Vm Virtualbox 5.1.12
1 EDB exploit
7.2
CVSSv2
CVE-2018-0438
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local malicious user to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is d...
Cisco Umbrella Enterprise Roaming Client
1 EDB exploit
4.6
CVSSv2
CVE-2019-18862
maidag in GNU Mailutils prior to 3.8 is installed setuid and allows local privilege escalation in the url mode.
Gnu Mailutils
1 EDB exploit
NA
CVE-2023-36594
Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 11 22h2
Microsoft Windows 11 21h2
Microsoft Windows 10 1507
Microsoft Windows 10 1809
Microsoft Windows 10 21h1
Microsoft Windows 10 22h2
7.2
CVSSv2
CVE-2014-4971
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Acces...
Microsoft Windows Xp
4 EDB exploits
NA
CVE-2024-1155
Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access.
7.2
CVSSv2
CVE-2017-0358
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.
Tuxera Ntfs-3g
Debian Debian Linux 8.0
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »