Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2201
The Message Transfer Service (MTS) in Cisco NX-OS prior to 6.2(7) on MDS 9000 devices and 6.0 prior to 6.0(2) on Nexus 7000 devices allows remote malicious users to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bu...
Cisco Nx-os 6.0\\(1\\)
Cisco Nexus 7000 -
Cisco Nexus 7000 10-slot -
Cisco Nexus 7000 9-slot -
Cisco Nexus 7000 18-slot -
Cisco Nx-os
Cisco Nx-os 6.2\\(5\\)
Cisco Nx-os 6.2\\(3n\\)
Cisco Nx-os 6.2\\(1n\\)
Cisco Nx-os 6.2\\(3\\)
Cisco Nx-os 6.2\\(1\\)
Cisco Mds 9100 -
Cisco Mds 9000
NA
CVE-2006-1960
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express prior to 2.13 allows remote malicious users to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archi...
Cisco Wireless Lan Solution Engine 2.0
Cisco Wireless Lan Solution Engine 2.1
Cisco Wireless Lan Solution Engine 2.10
Cisco Wireless Lan Solution Engine 2.13
Cisco Wireless Lan Solution Engine 2.2
Cisco Wireless Lan Solution Engine 2.5
Cisco Wireless Lan Solution Engine 2.6
Cisco Wireless Lan Solution Engine 2.11
Cisco Wireless Lan Solution Engine 2.12
Cisco Wireless Lan Solution Engine 2.3
Cisco Wireless Lan Solution Engine 2.4
Cisco Wireless Lan Solution Engine 2.7
Cisco Wireless Lan Solution Engine 2.8
Cisco Wireless Lan Solution Engine 2.9
1 EDB exploit
8.8
CVSSv3
CVE-2013-6231
SpagoBI prior to 4.1 has Privilege Escalation via an error in the AdapterHTTP script
Eng Spagobi
1 EDB exploit
7.5
CVSSv3
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
303 Github repositories
4 Articles
NA
CVE-2012-2095
The SetWiredProperty function in the D-Bus interface in WICD prior to 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
Fedoraproject Fedora 15
David Paleino Wicd 1.5.3
David Paleino Wicd 1.5.2
David Paleino Wicd 1.5.1
David Paleino Wicd 1.5.0
Fedoraproject Fedora 16
David Paleino Wicd
David Paleino Wicd 1.5.6
David Paleino Wicd 1.5.4
David Paleino Wicd 1.4.2
David Paleino Wicd 1.4.0
David Paleino Wicd 1.7.0
David Paleino Wicd 1.6.2
David Paleino Wicd 1.6.0
David Paleino Wicd 1.5.9
David Paleino Wicd 1.5.8
David Paleino Wicd 1.2.7
Fedoraproject Fedora 17
David Paleino Wicd 1.7.1
David Paleino Wicd 1.5.7
David Paleino Wicd 1.5.5
David Paleino Wicd 1.4.1
1 EDB exploit
8.8
CVSSv3
CVE-2024-24747
MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, a...
Minio Minio 2024-01-31t20-20-33z
7
CVSSv3
CVE-2016-1531
Exim prior to 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
Exim Exim
3 EDB exploits
6 Github repositories
7.8
CVSSv3
CVE-2018-10709
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to...
Asrock Rgbled
Asrock Restart To Uefi
Asrock F-stream
Asrock A-tuning
1 EDB exploit
8.8
CVSSv3
CVE-2019-14347
Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.
Schben Adive
1 EDB exploit
8.8
CVSSv3
CVE-2019-3010
Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Orac...
Oracle Solaris 11
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »