Total
1509 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27454 | 1 Ge | 2 Reason Dr60, Reason Dr60 Firmware | 2021-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions prior to 02A04.1). | |||||
| CVE-2021-27448 | 1 Ge | 2 Mu320e, Mu320e Firmware | 2021-03-29 | 4.6 MEDIUM | 7.8 HIGH |
| A miscommunication in the file system allows adversaries with access to the MU320E to escalate privileges on the MU320E (all firmware versions prior to v04A00.1). | |||||
| CVE-2021-28250 | 1 Ca | 1 Ehealth Performance Manager | 2021-03-29 | 4.6 MEDIUM | 7.8 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the script code will be executed as the ehealth user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2018-10079 | 1 Vertiv | 1 Watchdog Console | 2021-03-26 | 2.1 LOW | 7.8 HIGH |
| Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating (1) config.xml or (2) servers.xml. | |||||
| CVE-2018-3635 | 1 Intel | 1 Rapid Storage Technology | 2021-03-26 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access. | |||||
| CVE-2021-24095 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-03-17 | 4.6 MEDIUM | 7.8 HIGH |
| DirectX Elevation of Privilege Vulnerability | |||||
| CVE-2021-24090 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2021-03-17 | 9.3 HIGH | 7.8 HIGH |
| Windows Error Reporting Elevation of Privilege Vulnerability | |||||
| CVE-2021-1729 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-03-17 | 7.2 HIGH | 7.8 HIGH |
| Windows Update Stack Setup Elevation of Privilege Vulnerability | |||||
| CVE-2014-1520 | 3 Fedoraproject, Microsoft, Mozilla | 4 Fedora, Windows, Firefox and 1 more | 2021-03-17 | 6.9 MEDIUM | N/A |
| maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process. | |||||
| CVE-2020-4184 | 1 Ibm | 1 Security Guardium | 2021-03-17 | 7.5 HIGH | 7.3 HIGH |
| IBM Security Guardium 11.2 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 174802.. | |||||
| CVE-2015-9267 | 2 Debian, Nullsoft | 2 Debian Linux, Nullsoft Scriptable Install System | 2021-03-15 | 3.6 LOW | 5.5 MEDIUM |
| Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program. | |||||
| CVE-2020-8021 | 2 Debian, Opensuse | 2 Debian Linux, Open Build Service | 2021-03-15 | 4.3 MEDIUM | 5.3 MEDIUM |
| a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5. | |||||
| CVE-2021-0369 | 1 Google | 1 Android | 2021-03-15 | 4.4 MEDIUM | 7.8 HIGH |
| In CrossProfileAppsServiceImpl.java, there is the possibility of an application's INTERACT_ACROSS_PROFILES grant state not displaying properly in the setting UI due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-166561076 | |||||
| CVE-2021-26863 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-03-12 | 7.2 HIGH | 7.8 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26875, CVE-2021-26900, CVE-2021-27077. | |||||
| CVE-2019-12522 | 1 Squid-cache | 1 Squid | 2021-03-10 | 4.4 MEDIUM | 4.5 MEDIUM |
| An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root. | |||||
| CVE-2020-12528 | 1 Mbconnectline | 2 Mbconnect24, Mymbconnect24 | 2021-03-09 | 4.0 MEDIUM | 7.7 HIGH |
| An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. Improper use of access validation allows a logged in user to kill web2go sessions in the account he should not have access to. | |||||
| CVE-2021-24087 | 1 Azure-iot-cli-extension | 1 - | 2021-03-04 | 4.6 MEDIUM | 7.8 HIGH |
| Azure IoT CLI extension Elevation of Privilege Vulnerability | |||||
| CVE-2021-1642 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-03-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1685. | |||||
| CVE-2021-1685 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-03-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1642. | |||||
| CVE-2021-1695 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-03-04 | 7.2 HIGH | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||