Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-19321
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and previous versions, AORUS GRAPHICS ENGINE prior to 1.57, XTREME GAMING ENGINE prior to 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by...
Gigabyte App Center
Gigabyte Aorus Graphics Engine
Gigabyte Xtreme Gaming Engine
Gigabyte Oc Guru Ii 2.08
2 Github repositories
7.8
CVSSv3
CVE-2018-19322
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and previous versions, AORUS GRAPHICS ENGINE prior to 1.57, XTREME GAMING ENGINE prior to 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a numbe...
Gigabyte App Center
Gigabyte Aorus Graphics Engine
Gigabyte Xtreme Gaming Engine
Gigabyte Oc Guru Ii 2.08
9.8
CVSSv3
CVE-2018-19323
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and previous versions, AORUS GRAPHICS ENGINE prior to 1.57, XTREME GAMING ENGINE prior to 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).
Gigabyte Aorus Graphics Engine
Gigabyte Xtreme Gaming Engine
Gigabyte Gigabyte App Center
Gigabyte Oc Guru Ii 2.08
2 Github repositories
7.8
CVSSv3
CVE-2018-18535
The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and previous versions exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
Asus Aura Sync Firmware 1.07.22
7.8
CVSSv3
CVE-2018-18536
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and previous versions expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
Asus Aura Sync Firmware 1.07.22
5.5
CVSSv3
CVE-2018-18537
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and previous versions exposes a path to write an arbitrary DWORD to an arbitrary address.
Asus Aura Sync Firmware 1.07.22
7.8
CVSSv3
CVE-2020-24307
An issue in mRemoteNG v1.76.20 allows malicious users to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:(M) is present.
Mremoteng Mremoteng 1.76.20
7.2
CVSSv3
CVE-2020-14421
aaPanel up to and including 6.6.6 allows remote authenticated users to execute arbitrary commands via the Script Content box on the Add Cron Job screen.
Aapanel Aapanel
1 Github repository
8.8
CVSSv3
CVE-2019-5596
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE prior to 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicio...
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
8.8
CVSSv3
CVE-2020-11107
An issue exists in XAMPP prior to 7.2.29, 7.3.x prior to 7.3.16 , and 7.4.x prior to 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution.
Apachefriends Xampp
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »