High
CVSS: 7.5
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multipl…
High
CVSS: 7.3
Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows low privileged attacker having User Account priv…
High
CVSS: 8.5
A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. When the software starts up, files are deleted in the temporary folder causing the Access Control Entry of the directory to inherit permissions from the par…
High
CVSS: 7.8
A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to escalate to root.,This issue affects gerbera on openSUSE Tumbleweed before 2.5.0-1.1.
High
CVSS: 7.8
Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
High
CVSS: 7.8
An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftp_image_check of a binary named rc.
High
CVSS: 7.8
Insecure Permission vulnerability in student-manage 1 allows a local attacker to escalate privileges via the Unsafe permission verification.
High
CVSS: 7.3
Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
Critical
CVSS: 9.8
A permissions issue was addressed with improved validation. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sequoia 15.7.2, macOS Sonoma 14.7.5, macOS Sonoma 14.8.2, macOS Tahoe 26.1, macOS Ventura 13.7.5. A shortcut may be…
High
CVSS: 7.8
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
High
CVSS: 7.8
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
Critical
CVSS: 9.8
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to gain elevated privileges.
High
CVSS: 7.8
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to gain root privileges.
Critical
CVSS: 9.8
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to enable iCloud storage features without user consent.
Critical
CVSS: 9.8
An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A user may be able to elevate privileges.
Critical
CVSS: 9.8
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. "Block All Remote Content" may not apply for all mail previews.
High
CVSS: 7.8
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
Medium
CVSS: 6.3
The WatchGuard Terminal Services Agent on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable…
Medium
CVSS: 6.3
The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnera…
Critical
CVSS: 9.8
HTTP Response Manipulation in SCRIPT CASE v.1.0.002 Build7 allows a remote attacker to escalate privileges via a crafted request.