Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege escalation vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-13110
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
Adbglobal Dv2210 Firmware -
Adbglobal Vv2220 Firmware -
Adbglobal Vv5522 Firmware -
Adbglobal Prg Av4202n Firmware -
1 EDB exploit
7.8
CVSSv3
CVE-2017-6178
The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference.
Usbpcap Project Usbpcap 1.1.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2012-4284
A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code
Sparklabs Viscosity 1.4.1
2 EDB exploits
NA
CVE-2008-2232
The expand_template function in afuse.c in afuse 0.2 allows local users to gain privileges via shell metacharacters in a pathname.
Afuse Afuse 0.2
NA
CVE-2008-1625
aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOCTL 0xb2d60030, which allows local users to gain privileges via certain IOCTL requests.
Avast Avast Antivirus Home 4.7.1043
Avast Avast Antivirus Home 4.7.1098
Avast Avast Antivirus Home 4.7.827
Avast Avast Antivirus Home 4.7.844
Avast Avast Antivirus Home 4.7.869
Avast Avast Antivirus Professional 4.7.844
Avast Avast Antivirus Professional 4.7.1043
Avast Avast Antivirus Professional 4.7.1098
Avast Avast Antivirus Professional 4.7.827
1 EDB exploit
NA
CVE-2014-9642
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup prior to 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
Bullguard Bdagent.sys
Bullguard Internet Security
Bullguard Online Backup
Bullguard Premium Protection
1 EDB exploit
6.5
CVSSv3
CVE-2014-1889
The Group creation process in the Buddypress plugin prior to 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check.
Buddypress Buddypress
1 EDB exploit
NA
CVE-2011-0727
GNOME Display Manager (gdm) 2.x prior to 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
Gnome Gdm 2.2
Gnome Gdm 2.3
Gnome Gdm 2.16
Gnome Gdm 2.17
Gnome Gdm 2.0
Gnome Gdm 2.14
Gnome Gdm 2.15
Gnome Gdm 2.22
Gnome Gdm 2.23
Gnome Gdm 2.30
Gnome Gdm 2.31
Gnome Gdm 2.4
Gnome Gdm 2.5
Gnome Gdm 2.6
Gnome Gdm 2.18
Gnome Gdm 2.19
Gnome Gdm 2.26
Gnome Gdm 2.27
Gnome Gdm 2.8
Gnome Gdm 2.13
Gnome Gdm 2.20
Gnome Gdm 2.21
7.8
CVSSv3
CVE-2018-10900
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an malicious user to execute arbi...
Gnome Network Manager Vpnc
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit
NA
CVE-2014-0476
The slapper function in chkrootkit prior to 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 13.10
Chkrootkit Chkrootkit
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »