Show filters
1,569 topics marked with the following tags:
Displaying 11-20 of 1,569
Sort by:
Attacker Value
Unknown
CVE-2023-25717
Disclosure Date: February 13, 2023 (last updated October 08, 2023)
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
0
Attacker Value
Unknown
CVE-2020-13896
Disclosure Date: June 29, 2020 (last updated October 07, 2023)
The web interface of Maipu MP1800X-50 7.5.3.14(R) devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime. This is similar to CVE-2019-1653.
0
Attacker Value
Very High
Serv-U FTP Server prepareinstallation Privilege Escalation
Disclosure Date: June 17, 2019 (last updated October 06, 2023)
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
3
Attacker Value
Unknown
CVE-2017-5698
Disclosure Date: September 05, 2017 (last updated October 05, 2023)
Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges.
0
Attacker Value
Unknown
CVE-2020-13756
Disclosure Date: June 03, 2020 (last updated October 06, 2023)
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors() or getSelectorsBySpecificity() is called with input from an attacker.
0
Attacker Value
Unknown
CVE-2022-31459
Disclosure Date: June 02, 2022 (last updated October 07, 2023)
Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth.
0
Attacker Value
Unknown
CVE-2019-1303
Disclosure Date: September 11, 2019 (last updated October 06, 2023)
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1253, CVE-2019-1278.
0
Attacker Value
Unknown
CVE-2017-8552
Disclosure Date: June 15, 2017 (last updated October 05, 2023)
A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of privilege when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE is unique from CVE-2017-0263.
0
Attacker Value
Unknown
CVE-2022-36408
Disclosure Date: July 22, 2022 (last updated November 08, 2023)
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-31181. Reason: This candidate is a duplicate of CVE-2022-31181. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2022-31181 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
0
Attacker Value
Unknown
CVE-2022-26928
Disclosure Date: September 13, 2022 (last updated December 20, 2023)
Windows Photo Import API Elevation of Privilege Vulnerability
0
