Show filters
17 Total Results
Displaying 1-10 of 17
Sort by:
Attacker Value
Very High

CVE-2021-21985

Disclosure Date: May 26, 2021 (last updated June 29, 2021)
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
Attacker Value
Very High

CVE-2022-37969

Disclosure Date: September 13, 2022 (last updated June 29, 2024)
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Attacker Value
Very High

CVE-2023-35885

Disclosure Date: June 20, 2023 (last updated October 08, 2023)
CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication.
Attacker Value
Very High

CVE-2024-37085

Disclosure Date: June 25, 2024 (last updated August 09, 2024)
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.
Attacker Value
Low

CVE-2022-38108

Disclosure Date: October 19, 2022 (last updated October 08, 2023)
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Attacker Value
High

CVE-2024-35250

Disclosure Date: June 11, 2024 (last updated June 21, 2024)
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Attacker Value
Unknown

CVE-2024-33500

Disclosure Date: June 11, 2024 (last updated June 12, 2024)
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11.0), Mendix Applications using Mendix 10 (V10.6) (All versions < V10.6.9), Mendix Applications using Mendix 9 (All versions >= V9.3.0 < V9.24.22). Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a target role which contains the elevated access rights.
0
Attacker Value
Unknown

CVE-2024-24823

Disclosure Date: February 07, 2024 (last updated February 16, 2024)
Graylog is a free and open log management platform. Starting in version 4.3.0 and prior to versions 5.1.11 and 5.2.4, reauthenticating with an existing session cookie would re-use that session id, even if for different user credentials. In this case, the pre-existing session could be used to gain elevated access to an existing Graylog login session, provided the malicious user could successfully inject their session cookie into someone else's browser. The complexity of such an attack is high, because it requires presenting a spoofed login screen and injection of a session cookie into an existing browser, potentially through a cross-site scripting attack. No such attack has been discovered. Graylog 5.1.11 and 5.2.4, and any versions of the 6.0 development branch, contain patches to not re-use sessions under any circumstances. Some workarounds are available. Using short session expiration and explicit log outs of unused sessions can help limiting the attack vector. Unpatched this vulner…
Attacker Value
Unknown

CVE-2022-33140

Disclosure Date: June 15, 2022 (last updated October 07, 2023)
The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the default configuration. Command injection requires ShellUserGroupProvider to be one of the enabled User Group Providers in the Authorizers configuration. Command injection also requires an authenticated user with elevated privileges. Apache NiFi requires an authenticated user with authorization to modify access policies in order to execute the command. Apache NiFi Registry requires an authenticated user with authorization to read user groups in order to execute the command. The resolution removes command formatting based on user-provided arguments.
Attacker Value
Unknown

CVE-2020-7323

Disclosure Date: September 08, 2020 (last updated November 08, 2023)
Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing dependent and requires physical access to the machine.