Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2017-14798
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
Postgresql Postgresql
Suse Suse Linux Enterprise Server 11
1 EDB exploit
7.8
CVSSv3
CVE-2018-10709
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to...
Asrock Rgbled
Asrock Restart To Uefi
Asrock F-stream
Asrock A-tuning
1 EDB exploit
7.1
CVSSv3
CVE-2018-10710
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local mali...
Asrock Restart To Uefi
Asrock A-tuning
Asrock Rgbled
Asrock F-stream
1 EDB exploit
7.8
CVSSv3
CVE-2018-10711
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to exec...
Asrock A-tuning
Asrock Restart To Uefi
Asrock F-stream
Asrock Rgbled
1 EDB exploit
7.8
CVSSv3
CVE-2018-10712
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ...
Asrock F-stream
Asrock A-tuning
Asrock Rgbled
Asrock Restart To Uefi
1 EDB exploit
8.8
CVSSv3
CVE-2019-3010
Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Orac...
Oracle Solaris 11
1 EDB exploit
1 Github repository
NA
CVE-2012-3485
Tunnelblick 3.3beta20 and previous versions relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
Google Tunnelblick
2 EDB exploits
9.8
CVSSv3
CVE-2011-2921
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.
Ktsuss Project Ktsuss
1 EDB exploit
7.8
CVSSv3
CVE-2018-6606
An issue exists in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by sending IOCTL 0x80002010 and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges.
Malwarefox Antimalware 2.74.0.150
1 EDB exploit
2 Github repositories
7.8
CVSSv3
CVE-2020-3950
VMware Fusion (11.x prior to 11.5.2), VMware Remote Console for Mac (11.x and prior prior to 11.0.1) and Horizon Client for Mac (5.x and prior prior to 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issu...
Vmware Fusion
Vmware Horizon Client
Vmware Remote Console
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »