Show filters
35,483 Total Results
Displaying 11-20 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Very High
CVE-2020-1337
Disclosure Date: August 17, 2020 (last updated January 19, 2024)
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.
The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.
6
Attacker Value
High
CVE-2020-1147
Disclosure Date: July 14, 2020 (last updated October 07, 2023)
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
5
Attacker Value
High
CVE-2023-4911
Disclosure Date: October 03, 2023 (last updated February 23, 2024)
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
4
Attacker Value
High
CVE-2023-23399
Disclosure Date: March 14, 2023 (last updated October 08, 2023)
Microsoft Excel Remote Code Execution Vulnerability
4
Attacker Value
Unknown
CVE-2022-0847
Disclosure Date: March 10, 2022 (last updated October 07, 2023)
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
6
Attacker Value
Unknown
CVE-2021-34484
Disclosure Date: August 12, 2021 (last updated December 29, 2023)
Windows User Profile Service Elevation of Privilege Vulnerability
5
Attacker Value
High
CVE-2021-1732
Disclosure Date: February 25, 2021 (last updated December 30, 2023)
Windows Win32k Elevation of Privilege Vulnerability
6
Attacker Value
Low
CVE-2020-0986
Disclosure Date: June 09, 2020 (last updated October 06, 2023)
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
4
Attacker Value
Moderate
CVE-2017-5715
Disclosure Date: January 04, 2018 (last updated October 06, 2023)
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
6
Attacker Value
Very High
CVE-2023-28252
Disclosure Date: April 11, 2023 (last updated December 14, 2023)
Windows Common Log File System Driver Elevation of Privilege Vulnerability
4
