ZDI-25-076: NoMachine Incorrect Permission Assignment Local Privilege Escalation Vulnerability
Zero Day Initiative Advisories (published)
2025-02-03 14:00:00
收藏
This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.7. The following CVEs are assigned: CVE-2024-9632.
侵权请联系站方: admin@sechub.in
目录
最新
- ZDI-25-144: NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability
- ZDI-25-145: NVIDIA Riva Triton Inference Server Missing Authentication Vulnerability
- ZDI-25-131: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
- ZDI-25-132: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
- ZDI-25-133: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
- ZDI-25-134: Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability
- ZDI-25-135: Adobe Acrobat Reader DC AcroForm Use of Uninitialized Variable Remote Code Execution Vulnerability
- ZDI-25-136: X.Org Server SyncInitTrigger Use-After-Free Local Privilege Escalation Vulnerability