Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-5227
QNAP QTS prior to 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file.
Qnap Qts
1 EDB exploit
8.8
CVSSv3
CVE-2017-5671
Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers prior to 10.11.013310 and 10.12.x prior to 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root pr...
Honeywell Intermec Pm42 Firmware
Honeywell Intermec Pm43 Firmware
Honeywell Intermec Pm23 Firmware
Honeywell Intermec Pd43 Firmware
Honeywell Intermec Pc42 Firmware
Honeywell Intermec Pc23 Firmware
Honeywell Intermec Pc43 Firmware
1 EDB exploit
8.8
CVSSv3
CVE-2021-40857
Auerswald COMpact 5500R devices prior to 8.2B allow Privilege Escalation via the passwd=1 substring.
Auerswald Compact 5500r Ip Firmware
Auerswald Compact 5200r Ip Firmware
Auerswald Compact 5000r Ip Firmware
Auerswald Compact 4000 Ip Firmware
Auerswald Commander 6000r Ip Firmware
Auerswald Commander 6000rx Ip Firmware
Auerswald Commander Business\\(19\\\"\\) Ip Firmware
Auerswald Commander Basic.2\\(19\\\"\\) Ip Firmware
Auerswald Compact 5010 Voip Ip Firmware
Auerswald Compact 5020 Voip Ip Firmware
8.4
CVSSv3
CVE-2017-3316
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox before 5.0.32 and before 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
Oracle Vm Virtualbox 5.0.30
Oracle Vm Virtualbox 5.1.12
1 EDB exploit
NA
CVE-2007-0467
crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/.
Apple Mac Os X 10.4.8
1 EDB exploit
NA
CVE-2014-9643
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security prior to 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x9500...
K7computing K7sentry.sys
K7computing Anti-virus Plus
K7computing Total Security
K7computing Ultimate Security
1 EDB exploit
8.2
CVSSv3
CVE-2017-11322
The chroothole_client executable in UCOPIA Wireless Appliance prior to 5.1.8 allows remote malicious users to gain root privileges via a dollar sign ($) metacharacter in the argument to chroothole_client.
Ucopia Ucopia Wireless Appliance
1 EDB exploit
NA
CVE-2014-2533
/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
Blackberry Qnx Neutrino Rtos 6.4.1
Blackberry Qnx Neutrino Rtos 6.5.0
2 EDB exploits
NA
CVE-2005-3098
poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument.
Qualcomm Qpopper 4.0.8
2 EDB exploits
8.8
CVSSv3
CVE-2017-15013
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, w...
Opentext Documentum Content Server
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »