ReportizFlow
Filtered by vendor
Subscriptions
Total
2022 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-3137 | 2024-11-21 | N/A | ||
| Improper Privilege Management in uvdesk/community-skeleton | ||||
| CVE-2024-39819 | 2024-11-21 | 6.7 Medium | ||
| Improper privilege management in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access. | ||||
| CVE-2024-39302 | 2024-11-21 | 3.7 Low | ||
| BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the `/usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0` directory with the goal of privilege escalation, potentially exposing sensitive information on the server. This issue has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7. | ||||
| CVE-2024-39206 | 1 Msp360 | 1 Backup Agent | 2024-11-21 | 7.5 High |
| An issue discovered in MSP360 Backup Agent v7.8.5.15 and v7.9.4.84 allows attackers to obtain network share credentials used in a backup due to enginesettings.list being encrypted with a hard coded key. | ||||
| CVE-2024-38014 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2024-11-21 | 7.8 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2024-37952 | 1 Themeenergy | 1 Book Your Travel | 2024-11-21 | 8.8 High |
| Improper Privilege Management vulnerability in themeenergy BookYourTravel allows Privilege Escalation.This issue affects BookYourTravel: from n/a through 8.18.17. | ||||
| CVE-2024-37927 | 2024-11-21 | 9.8 Critical | ||
| Improper Privilege Management vulnerability in NooTheme Jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through 4.7.0. | ||||
| CVE-2024-37858 | 1 Lost And Found Information System Project | 1 Lost And Found Information System | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php. | ||||
| CVE-2024-37726 | 1 Micro Star International Co | 1 Msi Center | 2024-11-21 | 6.8 Medium |
| Insecure Permissions vulnerability in Micro-Star International Co., Ltd MSI Center v.2.0.36.0 allows a local attacker to escalate privileges via the Export System Info function in MSI.CentralServer.exe | ||||
| CVE-2024-37665 | 2024-11-21 | 8.8 High | ||
| An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate privileges to Administrator via a crafted POST request. | ||||
| CVE-2024-37560 | 1 Iqbalrony | 1 Wp User Switch | 2024-11-21 | 8 High |
| Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through 1.1.0. | ||||
| CVE-2024-37484 | 2024-11-21 | 8.8 High | ||
| Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation.This issue affects Zephyr Project Manager: from n/a through 3.3.97. | ||||
| CVE-2024-37455 | 1 Brainstormforce | 1 Ultimate Addons For Elementor | 2024-11-21 | 8.8 High |
| Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.31. | ||||
| CVE-2024-37364 | 1 Ariane Allegro | 1 Scenario Player | 2024-11-21 | 6.8 Medium |
| Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows physically proximate attackers to obtain sensitive information (such as hotel invoice content with PII), and potentially create unauthorized room keys, by entering a guest-search quote character and then accessing the underlying Windows OS. | ||||
| CVE-2024-37133 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 6.7 Medium |
| Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access. | ||||
| CVE-2024-37126 | 1 Dell | 1 Powerscale Onefs | 2024-11-21 | 6.7 Medium |
| Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access. | ||||
| CVE-2024-37107 | 1 Wishlistmember | 1 Wishlist Member X | 2024-11-21 | 8.8 High |
| Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation.This issue affects WishList Member X: from n/a before 3.26.7. | ||||
| CVE-2024-36586 | 1 Adguard | 1 Adguardhome | 2024-11-21 | 8.8 High |
| An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary. | ||||
| CVE-2024-36500 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.8 High |
| Privilege escalation vulnerability in the AMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-36499 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 6.8 Medium |
| Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||