Low
CVSS: 2.0
FreePBX is an open-source web-based graphical user interface (GUI) that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api (PBX API) is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. T…
High
CVSS: 7.8
Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.
High
CVSS: 8.1
System call entry on Cortex M (and possibly R and A, but I think not) has a race which allows very practical privilege escalation for malicious userspace processes.
Medium
CVSS: 6.0
Under heavy system utilization a random race condition can occur during authentication or token refresh operation. This flaw allows one user to be granted a token intended for another user, resulting in impersonation until the session is en…
Medium
CVSS: 5.6
A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.
This issue affects C…
Medium
CVSS: 5.1
XWiki is a generic wiki platform. When a user without script right creates a document with an `XWiki.Notifications.Code.NotificationEmailRendererClass` object, and later an admin edits and saves that document, the email templates in this ob…
High
CVSS: 7.9
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data into another Guest's virtualised GPU memory.