Show filters
40,883 Total Results
Displaying 61-70 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Very High
CVE-2019-1388
Disclosure Date: November 12, 2019 (last updated November 27, 2024)
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.
3
Attacker Value
Low
CVE-2019-14287
Disclosure Date: October 17, 2019 (last updated November 08, 2023)
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
1
Attacker Value
Moderate
CVE-2019-2215
Disclosure Date: October 11, 2019 (last updated July 26, 2024)
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
1
Attacker Value
Very High
Serv-U FTP Server prepareinstallation Privilege Escalation
Disclosure Date: June 17, 2019 (last updated November 27, 2024)
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
3
Attacker Value
Unknown
CVE-2024-30103
Disclosure Date: June 11, 2024 (last updated January 05, 2025)
Microsoft Outlook Remote Code Execution Vulnerability
3
Attacker Value
Very High
CVE-2023-52251
Disclosure Date: January 25, 2024 (last updated February 01, 2024)
An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.
2
Attacker Value
Low
CVE-2023-41474
Disclosure Date: January 25, 2024 (last updated February 01, 2024)
Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component.
2
Attacker Value
Unknown
CVE-2023-6548
Disclosure Date: January 17, 2024 (last updated January 26, 2024)
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
3
Attacker Value
High
CVE-2024-20656
Disclosure Date: January 09, 2024 (last updated January 04, 2025)
Visual Studio Elevation of Privilege Vulnerability
2
Attacker Value
Very High
CVE-2023-50445
Disclosure Date: December 28, 2023 (last updated January 06, 2024)
Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module.
2
