Privilege Escalation

This vulnerability allows an attacker to escalate their privileges on a Linux system by exploiting a flaw in the nftables framework, which could let them access restricted resources. It requires the attacker to be an unprivileged user with access to user namespaces and nftables on systems that have certain kernel configurations enabled.

This vulnerability allows an attacker to gain higher access privileges in the FlexCity/Kiosk software, potentially letting them control the system without proper authentication. It affects versions before 1.0.36, meaning anyone using an older version is at risk.

This vulnerability allows an attacker to gain higher access privileges within the FlexCity/Kiosk software, potentially letting them perform unauthorized actions. It affects versions before 1.0.36 and occurs because the software doesn't properly restrict access to critical functions.

This vulnerability allows a local attacker to run their own code with higher privileges on a system, which could lead to full control over the affected machine. To exploit this, the attacker needs to place a malicious file in a specific location where the software looks for its necessary files.

This vulnerability allows an attacker with local access to a system to gain higher privileges than they should have, potentially letting them control the system or access sensitive data. It affects specific versions of Acronis Cyber Protect products before certain builds, meaning attackers need to be able to log into the system first to exploit it.

This vulnerability allows a remote user with valid login credentials to gain higher privileges than intended within the Hitachi Storage Plug-in for VMware vCenter, potentially giving them unauthorized access to sensitive functions or data. It affects versions from 04.8.0 up to, but not including, 04.9.0, meaning users on these versions are at risk if they have authenticated access.

This vulnerability allows an attacker to run their own commands on a Windows system by tricking McAfee Agent into executing a malicious file. To exploit it, the attacker needs local access to the machine and must place a specially crafted file in the right folder, which can then lead to gaining higher privileges on the system.

An attacker can upload a malicious Power BI template that includes harmful HTML files, which can then execute scripts in the context of a user’s session, potentially allowing the attacker to gain higher privileges if the victim has admin rights. This requires the victim to be tricked into accessing the malicious HTML files while logged into the Power BI Report Server.

This vulnerability allows a local user to gain administrator privileges on a system running McAfee's Endpoint Security for Linux, enabling them to execute any code they want. It occurs during the installation process due to a timing issue that lets the attacker exploit temporary files that are not securely managed.