Total
1509 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-10793 | 1 Codeigniter | 1 Codeigniter | 2021-02-10 | 6.5 MEDIUM | 8.8 HIGH |
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown website built with the CodeIgniter framework but that CodeIgniter is not responsible for introducing this issue because the framework has never provided a login screen, nor any kind of login or user management facilities beyond a Session library. Also, another reporter indicates the issue is with a custom module/plugin to CodeIgniter, not CodeIgniter itself. | |||||
CVE-2014-3153 | 4 Linux, Opensuse, Redhat and 1 more | 7 Linux Kernel, Opensuse, Enterprise Linux Server Aus and 4 more | 2021-02-08 | 7.2 HIGH | N/A |
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. | |||||
CVE-2021-22159 | 1 Proofpoint | 1 Insider Threat Management | 2021-02-04 | 7.2 HIGH | 7.8 HIGH |
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability. The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected. | |||||
CVE-2020-6024 | 1 Checkpoint | 1 Smartconsole | 2021-02-02 | 4.6 MEDIUM | 7.8 HIGH |
Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users. | |||||
CVE-2011-1526 | 5 Debian, Fedoraproject, Mit and 2 more | 7 Debian Linux, Fedora, Krb5-appl and 4 more | 2021-02-02 | 6.5 MEDIUM | N/A |
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script. | |||||
CVE-2019-19728 | 3 Debian, Opensuse, Schedmd | 3 Debian Linux, Leap, Slurm | 2021-01-28 | 6.0 MEDIUM | 7.5 HIGH |
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges. | |||||
CVE-2021-20618 | 1 Acmailer | 2 Acmailer, Acmailer Db | 2021-01-26 | 10.0 HIGH | 9.8 CRITICAL |
Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4 and earlier allows remote attackers to bypass authentication and to gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified vectors. | |||||
CVE-2021-1704 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2021-01-21 | 7.2 HIGH | 7.8 HIGH |
Windows Hyper-V Elevation of Privilege Vulnerability | |||||
CVE-2021-1703 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2021-01-21 | 7.2 HIGH | 7.8 HIGH |
Windows Event Logging Service Elevation of Privilege Vulnerability | |||||
CVE-2021-1709 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-21 | 7.2 HIGH | 7.8 HIGH |
Windows Win32k Elevation of Privilege Vulnerability | |||||
CVE-2021-1702 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-20 | 7.2 HIGH | 7.8 HIGH |
Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability | |||||
CVE-2021-1694 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-20 | 7.5 HIGH | 9.8 CRITICAL |
Windows Update Stack Elevation of Privilege Vulnerability | |||||
CVE-2021-1693 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-20 | 7.2 HIGH | 7.8 HIGH |
Windows CSC Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688. | |||||
CVE-2021-1688 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-01-20 | 4.6 MEDIUM | 7.8 HIGH |
Windows CSC Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693. | |||||
CVE-2021-1689 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2021-01-20 | 4.6 MEDIUM | 7.8 HIGH |
Windows Multipoint Management Elevation of Privilege Vulnerability | |||||
CVE-2021-1687 | 1 Microsoft | 1 Windows 10 | 2021-01-20 | 4.6 MEDIUM | 7.8 HIGH |
Windows WalletService Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1681, CVE-2021-1686, CVE-2021-1690. | |||||
CVE-2021-1690 | 1 Microsoft | 1 Windows 10 | 2021-01-20 | 4.6 MEDIUM | 7.8 HIGH |
Windows WalletService Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1681, CVE-2021-1686, CVE-2021-1687. | |||||
CVE-2021-1680 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-01-20 | 4.6 MEDIUM | 7.8 HIGH |
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1651. | |||||
CVE-2021-1686 | 1 Microsoft | 1 Windows 10 | 2021-01-20 | 4.6 MEDIUM | 7.8 HIGH |
Windows WalletService Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1681, CVE-2021-1687, CVE-2021-1690. | |||||
CVE-2021-1681 | 1 Microsoft | 1 Windows 10 | 2021-01-20 | 4.6 MEDIUM | 7.8 HIGH |
Windows WalletService Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1686, CVE-2021-1687, CVE-2021-1690. |