Total
1509 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34766 | 1 Cisco | 1 Smart Software Manager On-prem | 2021-10-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions. This vulnerability is due to insufficient authorization of the System User and System Operator role capabilities. An attacker could exploit this vulnerability by directly accessing a web resource. A successful exploit could allow the attacker to create, read, update, or delete records and settings in multiple functions without the necessary permissions on the web UI. | |||||
| CVE-2021-0598 | 1 Google | 1 Android | 2021-10-07 | 4.4 MEDIUM | 7.3 HIGH |
| In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180422108 | |||||
| CVE-2021-0691 | 1 Google | 1 Android | 2021-10-07 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-188554048 | |||||
| CVE-2021-23893 | 1 Mcafee | 1 Drive Encryption | 2021-10-07 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in a Windows system driver of McAfee Drive Encryption (DE) prior to 7.3.0 could allow a local non-admin user to gain elevated system privileges via exploiting an unutilized memory buffer. | |||||
| CVE-2021-34411 | 1 Zoom | 1 Rooms | 2021-10-06 | 4.6 MEDIUM | 7.8 HIGH |
| During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. | |||||
| CVE-2021-34412 | 1 Zoom | 1 Meetings | 2021-10-06 | 4.6 MEDIUM | 7.8 HIGH |
| During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. | |||||
| CVE-2021-31847 | 1 Mcafee | 1 Mcafee Agent | 2021-09-29 | 6.9 MEDIUM | 7.8 HIGH |
| Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature. | |||||
| CVE-2021-31836 | 1 Mcafee | 1 Mcafee Agent | 2021-09-29 | 3.6 LOW | 7.1 HIGH |
| Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user. | |||||
| CVE-2021-38628 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38638. | |||||
| CVE-2021-38638 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38628. | |||||
| CVE-2021-38630 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36964. | |||||
| CVE-2021-38639 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36975. | |||||
| CVE-2021-38645 | 1 Microsoft | 10 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics \(lad\) and 7 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38648, CVE-2021-38649. | |||||
| CVE-2021-38649 | 1 Microsoft | 10 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics \(lad\) and 7 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38645, CVE-2021-38648. | |||||
| CVE-2021-38633 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-36963. | |||||
| CVE-2021-38634 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2021-09-26 | 7.2 HIGH | 7.8 HIGH |
| Microsoft Windows Update Client Elevation of Privilege Vulnerability | |||||
| CVE-2021-36967 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-09-26 | 5.8 MEDIUM | 8.8 HIGH |
| Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-38626 | 1 Microsoft | 1 Windows Server 2008 | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38625. | |||||
| CVE-2021-36973 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | |||||
| CVE-2021-36974 | 1 Microsoft | 7 Windows 10, Windows 8.1, Windows Rt 8.1 and 4 more | 2021-09-26 | 4.6 MEDIUM | 7.8 HIGH |
| Windows SMB Elevation of Privilege Vulnerability | |||||