Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component
NuCom 11N Wireless Router 5.07.90 contains a privilege escalation vulnerability that allows non-privileged users to access administrative credentials through the configuration backup endpoint. Attacke
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware
A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation.
CVE-2024-9479
CRITICAL CVSS 10.0
Find Similar
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege Access: before 1.2.
CVE-2024-9478
CRITICAL CVSS 10.0
Find Similar
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege Access: before 1.2.
Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed.
HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administ
There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can el
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
QND Premium/Advance/Standard Ver.11.0.9i and prior contains a privilege escalation vulnerability, which may allow a user who can log in to a Windows system with the affected product to gain administra
A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connect
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40
A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm.
The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting acco
ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured
A BOLA vulnerability in POST /providers allows a low privileged user to create a privileged user (provider) in the system. This results in privilege escalation.