An elevation of privilege vulnerability exists due to the MS KS Server kernel module allow accessing memory out of bounds. The vulnerability could allow an attacker to run code with elevated privileges.
An improper authorization vulnerability in Atlassian Confluence allows unauthenticated remote attackers to restore the database of the instance. This allows the creation of unauthorized administrator accounts and the later installation of malicious plugins that allow the execution of OS system commands.
An AJP request smuggling present in F5 BIG-IP Traffic Management User Interface (TMUI) allows unauthenticated remote attackers to create an administrative user and execute OS systems commands in the context of the root user.
A Java deserialization vulnerability is Apache ActiveMQ allows unauthenticated remote attackers to execute system commands via OpenWire protocol.
A broken access control vulnerability in Atlassian Confluence allows unauthenticated remote attackers to create unauthorized Confluence administrator accounts and access Confluence instances. This allows to execute system commands by installing a malicious Servlet plugin JAR file.
An elevation of privilege vulnerability exists due to the MS KS Server kernel module allow mapping arbitrary memory addresses to user mode. The vulnerability could allow an attacker to run code with elevated privileges.
Arcserve UDP from version 7.0 to 9.0 allows authentication bypass. The method getVersionInfo in WebServiceImpl/services/FlashServiceImpl exposes the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. It is also possible to obtain administrator credentials.
An authentication bypass vulnerability in Jetbrains TeamCity allows unauthenticated remote attackers to execute system commands.
A .NET deserialization vulnerability in Progress WS_FTP Server allows unauthenticated remote attackers to execute system commands.
A vulnerability exists in the file history service, which runs as system, and can be exploited to elevate from ordinary users to system privileges.