CWE:
 

Tytuł
Data
Autor
Med.
Kemp LoadMaster Local sudo Privilege Escalation
13.05.2024
bwatters-r7
High
Openmediavault Remote Code Execution / Local Privilege Escalation
09.05.2024
Mert BENADAM
Med.
MinIO < 2024-01-31T20-20-33Z Privilege Escalation
14.04.2024
Jenson Zhao
High
Trimble TM4Web 22.2.0 Privilege Escalation / Access Code Disclosure
11.04.2024
Clement Cruchet
High
GUnet OpenEclass E-learning 3.15 File Upload / Command Execution
11.04.2024
Georgios Tsimpidas
High
Wordpress Plugin Membership For WooCommerce < v2.1.7 Arbitrary File Upload to Shell (Unauthenticated)
08.04.2024
Milad Karimi
Med.
Intel PowerGadget 3.6 Local Privilege Escalation
30.03.2024
Julian Horoszkiewicz
Med.
Checkmk Agent 2.0.0 / 2.1.0 / 2.2.0 Local Privilege Escalation
16.03.2024
Michael Baer
High
DataCube3 1.0 Shell Upload
11.03.2024
Samy Younsi
High
Petrol Pump Management Software v1.0 Remote Code Execution via File Upload
03.03.2024
Shubham Pandey
Med.
OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation
22.02.2024
Johannes Volpel
High
Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload
15.02.2024
Andrey Stoykov
Med.
runc 1.1.11 File Descriptor Leak Privilege Escalation
06.02.2024
h00die
High
xbtitFM 4.1.18 SQL Injection / Shell Upload / Traversal
22.01.2024
Who cares anyway
Med.
Traceroute 2.1.2 Privilege Escalation
22.01.2024
g30ff1rl
Med.
cpio 2.13 Privilege Escalation
14.01.2024
Georgi Guninski
Med.
Microsoft SQL Server db_ddladmin Privilege Escalation
14.01.2024
Emad Al-Mousa
Med.
Android DeviceVersionFragment.java Privilege Escalation
14.01.2024
Amirhossein Bahramizad...
High
CMSMS 2.2.19 Arbitrary File Upload
06.01.2024
nu11secur1ty
High
Lot Reservation Management System 1.0 Shell Upload
31.12.2023
Elijah Mandila Syoyi
Med.
Glibc Tunables Privilege Escalation
24.12.2023
Blasty
High
Hospital Management System 4.0 XSS / Shell Upload / SQL Injection
24.12.2023
Louise Ng
High
osCommerce 4.13-60075 Shell Upload
17.12.2023
nu11secur1ty
Med.
Splunk edit_user Capability Privilege Escalation
27.10.2023
Heyder Andrade
High
SugarCRM 13.0.1 Shell Upload
27.10.2023
EgiX
High
Zoo Management System 1.0 Shell Upload
16.10.2023
Cagatay Ceyhan
High
BoidCMS 2.0.0 Shell Upload
10.10.2023
1337kid
High
glibc ld.so Local Privilege Escalation
08.10.2023
Qualys Security Adviso...
Med.
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation
02.10.2023
LiquidWorm
Med.
OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation
25.09.2023
Yasar Klawohn
Med.
Windows Common Log File System Driver (clfs.sys) Privilege Escalation
20.09.2023
Ricardo Narvaja
Med.
TECHView LA5570 Wireless Gateway 1.0.19_T53 Traversal / Privilege Escalation
09.09.2023
The Security Team
High
Soosyze 2.0.0 Arbitrary File Upload
09.09.2023
nu11secur1ty
High
Hyip Rio 2.1 Arbitrary File Upload
04.09.2023
CraCkEr
High
Online ID Generator 1.0 SQL Injection / Shell Upload
31.08.2023
nu11secur1ty
High
SugarCRM 12.2.0 Shell Upload
23.08.2023
EgiX
High
Hyip Rio 2.1 Cross Site Scripting / File Upload
16.08.2023
CraCkEr
High
systemd 246 Local Root Privilege Escalation
11.08.2023
Iyaad Luqman K
Med.
WordPress WP Project Manager 2.6.4 Privilege Escalation
11.08.2023
Chloe Chamberland
Med.
GNOME Files 43.4 Privilege Escalation
08.08.2023
Georgi Guninski
Med.
Webutler 3.2 Shell Upload
05.08.2023
Mirabbas Agalarov
High
Uvdesk 1.1.3 Shell Upload
01.08.2023
Daniel Barros
High
Blackcat CMS 1.4 Shell Upload
21.07.2023
Mirabbas Agalarov
High
Pluck 4.7.18 Remote Shell Upload
21.07.2023
nu11secur1ty
High
Foody Friend 1.0 Arbitrary File Upload / Cross Site Scripting
21.07.2023
CraCkEr
High
Listplace Directory Listing Platform 3.0 File Upload / Cross Site Scripting
21.07.2023
CraCkEr
Med.
Aures Booking And POS Terminal Local Privilege Escalation
19.07.2023
Vulnerability Laborato...
High
WordPress User Registration 3.0.2 Arbitrary File Upload
13.07.2023
Lana Codes
High
POS Codekop 2.0 Shell Upload
05.07.2023
yuyudhn
Med.
WordPress Ultimate Member 2.6.6 Privilege Escalation
30.06.2023
Marc-Alexandre Montpas
Med.
HiSecOS 04.0.01 Privilege Escalation
22.06.2023
dreizehnutters
High
Teachers Record Management System 1.0 File Upload Type Validation
15.06.2023
Affan
High
WordPress Workreap 2.2.2 Shell Upload
13.06.2023
Mohammad Hossein Khana...
Med.
WordPress Theme Workreap 2.2.2 Unauthenticated Upload Leading to Remote Code Execution
10.06.2023
Mohammad Hossein Khana...
Med.
CloudPanel 2.2.2 Privilege Escalation / Path Traversal
07.06.2023
EagleEye
High
unilogies/bumsys v1.0.3 beta Unrestricted File Upload
06.06.2023
AFFAN AHMED
High
Acelle Email Marketing 3.0.15 Arbitrary File Upload
02.06.2023
indoushka
High
Serenity / StartSharp Software File Upload / XSS / User Enumeration / Reusable Tokens
30.05.2023
Fabian Densborn
High
GetSimple CMS 3.3.16 Shell Upload
28.05.2023
Youssef Muhammad
High
Ivanti Avalanche FileStoreConfig Shell Upload
21.05.2023
Shelby Pace
High
Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload
21.05.2023
Fabian Densborn
High
IBM AIX 7.2 inscout Privilege Escalation
20.05.2023
Tim Brown
High
Millhouse-Project 1.414 Shell Upload
13.05.2023
Chokri Hammedi
Med.
GV-Edge Recording Manager 2.2.3.0 Privilege Escalation
08.05.2023
Andrea Intilangelo
High
File Thingie 2.5.7 Shell Upload
08.05.2023
Maurice Fielenbach
High
Wolf CMS 0.8.3.1 Shell Upload
07.05.2023
Ahmet Umit Bayram
Med.
MilleGPG5 5.9.2 Local Privilege Escalation
27.04.2023
Andrea Intilangelo
Med.
AspEmail v5.6.0.2 Local Privilege Escalation
25.04.2023
Zer0FauLT [admindeepse...
Med.
Stonesoft VPN Client 6.2.0 / 6.8.0 Local Privilege Escalation
23.04.2023
TOUHAMI KASBAOUI
High
ProjeQtOr Project Management System 10.3.2 Shell Upload
23.04.2023
Mirabbas Agalarov
Med.
Nokia OneNDS 17 Insecure Permissions / Privilege Escalation
23.04.2023
Valerio Casalino
Med.
Nokia OneNDS 20.9 Insecure Permissions / Privilege Escalation
21.04.2023
Giacomo Sighinolfi
High
KODExplorer 4.49 Cross Site Request Forgery / Shell Upload
21.04.2023
Mr Empy
Med.
Sielco Analog FM Transmitter 2.12 Remote Privilege Escalation
15.04.2023
LiquidWorm
Med.
File Replication Pro 7.5.0 Insecure Permissions / Privilege Escalation
14.04.2023
Andrea Intilangelo
Med.
Bludit 4.0.0-rc-2 Privilege Escalation
11.04.2023
nu11secur1ty
High
Roxy Fileman 1.4.5 Shell Upload
10.04.2023
Zer0FauLT
High
dotclear 2.25.3 Shell Upload
10.04.2023
Mirabbas Agalarov
Med.
Citrix 22.2.1.103 / 23.1.1.11 Local Privilege Escalation
05.04.2023
Touhami Kasbaoui
Med.
Windows 11 10.0.22000 Backup service Privilege Escalation
05.04.2023
nu11secur1ty
High
sudo 1.9.12p1 Privilege Escalation
03.04.2023
n3m1.sys
Med.
Forcepoint (Stonesoft VPN Client) 6.2.0 / 6.8.0 Local Privilege Escalation
02.04.2023
Touhami Kasbaoui
High
Bludit 3-14-1 Shell Upload
02.04.2023
Alperen Ergel
Med.
Zillya Total Security 3.0.2367.0 Local Privilege Escalation
02.04.2023
M. Akil Gündoğan
High
iBooking 1.0.8 Remote Shell Upload
30.03.2023
d1z1n370
Med.
Wondershare Dr Fone 12.9.6 Weak Permissions / Privilege Escalation
14.03.2023
Thurein Soe
Med.
Apache Tomcat Privilege Escalation
14.03.2023
h00die
High
Purchase Order Management 1.0 Shell Upload
08.03.2023
nu11secur1ty
High
Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload
01.03.2023
sf
Med.
Music Gallery Site 1.0 Privilege Escalation / Missing Authentication
26.02.2023
Navaid Ansari
Med.
Auto Dealer Management System 1.0 Privilege Escalation
26.02.2023
Navaid Ansari
High
Best POS Management System 1.0 Shell Upload
19.02.2023
Ahmed Ismail
Med.
Zabbix Agent 6.2.7 Insecure Permissions / Privilege Escalation
17.02.2023
mmg
High
Atrocore 1.5.25 Shell Upload
16.02.2023
nu11secur1ty
High
Monitorr 1.7.6 Shell Upload
10.02.2023
Achuth V P
High
macOS Dirty Cow Arbitrary File Write Local Privilege Escalation
06.02.2023
timwr
Med.
Oracle Database 12.1.0.2 Spatial Component Privilege Escalation
06.02.2023
Emad Al-Mousa
Med.
Apache Tomcat On Ubuntu Log Init Privilege Escalation
06.02.2023
h00die
Med.
io_uring Same Type Object Reuse Privilege Escalation
01.02.2023
h00die
Med.
vmwgfx Driver File Descriptor Handling Privilege Escalation
01.02.2023
h00die


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-03-14
Waiting for details
CVE-2024-22346

Updating...
 

 
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203.

 
2024-03-04
Waiting for details
CVE-2024-22452

Updating...
 

 
Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation.

 
2024-03-01
Waiting for details
CVE-2023-47716

Updating...
 

 
IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656.

 
2024-02-02
Waiting for details
CVE-2023-47142

Updating...
 

 
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267.

 
2024-01-19
Waiting for details
CVE-2023-40683

Updating...
 

 
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005.

 
2023-07-10
Waiting for details
CVE-2023-3599

Updating...
 

 
A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function save_user of the file admin_class.php of the component Add User Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-233450 is the identifier assigned to this vulnerability.

 
2022-09-23
Waiting for details
CVE-2022-35238

Updating...
 

 
Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.

 
Waiting for details
CVE-2022-38134

Updating...
 

 
Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.

 
2022-09-12
Waiting for details
CVE-2022-38135

Updating...
 

 
Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings.

 
2022-09-09
Waiting for details
CVE-2022-38067

Updating...
 

 
Unauthenticated Event Deletion vulnerability in Totalsoft Event Calendar �?? Calendar plugin <= 1.4.6 at WordPress.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top