Search
Total
1819 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36963 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-34483 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-38633 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-38628 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||
| CVE-2021-34537 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 5.2 MEDIUM | 7.8 HIGH |
| Windows Bluetooth Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-36974 | 1 Microsoft | 7 Windows 10, Windows 8.1, Windows Rt 8.1 and 4 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows SMB Elevation of Privilege Vulnerability | |||||
| CVE-2021-38630 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2021-34471 | 1 Microsoft | 1 Malware Protection Engine | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Microsoft Windows Defender Elevation of Privilege Vulnerability | |||||
| CVE-2021-36945 | 1 Microsoft | 1 Windows 10 Update Assistant | 2023-12-28 | 6.8 MEDIUM | 7.3 HIGH |
| Windows 10 Update Assistant Elevation of Privilege Vulnerability | |||||
| CVE-2021-38626 | 1 Microsoft | 1 Windows Server 2008 | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-36930 | 1 Microsoft | 1 Edge | 2023-12-28 | 6.8 MEDIUM | 5.3 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-36968 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows DNS Elevation of Privilege Vulnerability | |||||
| CVE-2021-36964 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8.1 and 6 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2021-36954 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2023-12-28 | 4.6 MEDIUM | 8.8 HIGH |
| Windows Bind Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-34484 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows User Profile Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-36975 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2021-38625 | 1 Microsoft | 1 Windows Server 2008 | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-38634 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2023-12-28 | 7.2 HIGH | 7.1 HIGH |
| Microsoft Windows Update Client Elevation of Privilege Vulnerability | |||||
| CVE-2021-43211 | 1 Microsoft | 1 Windows 10 Update Assistant | 2023-12-28 | 6.6 MEDIUM | 5.5 MEDIUM |
| Windows 10 Update Assistant Elevation of Privilege Vulnerability | |||||
| CVE-2021-42322 | 1 Microsoft | 1 Visual Studio Code | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Visual Studio Code Elevation of Privilege Vulnerability | |||||
| CVE-2021-42319 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2023-12-28 | 2.1 LOW | 4.7 MEDIUM |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2021-42304 | 1 Microsoft | 1 Azure Real Time Operating System | 2023-12-28 | 7.2 HIGH | 6.6 MEDIUM |
| Azure RTOS Elevation of Privilege Vulnerability | |||||
| CVE-2021-41377 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-42277 | 1 Microsoft | 8 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 5 more | 2023-12-28 | 4.6 MEDIUM | 5.5 MEDIUM |
| Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | |||||
| CVE-2021-42285 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-12-28 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2021-42303 | 1 Microsoft | 1 Azure Real Time Operating System | 2023-12-28 | 7.2 HIGH | 6.6 MEDIUM |
| Azure RTOS Elevation of Privilege Vulnerability | |||||
| CVE-2021-41366 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability | |||||
| CVE-2021-42283 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-28 | 4.6 MEDIUM | 8.8 HIGH |
| NTFS Elevation of Privilege Vulnerability | |||||
| CVE-2021-42280 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-12-28 | 4.6 MEDIUM | 5.5 MEDIUM |
| Windows Feedback Hub Elevation of Privilege Vulnerability | |||||
| CVE-2021-42287 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-28 | 6.5 MEDIUM | 7.5 HIGH |
| Active Directory Domain Services Elevation of Privilege Vulnerability | |||||
| CVE-2021-36957 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Desktop Bridge Elevation of Privilege Vulnerability | |||||
| CVE-2021-42291 | 1 Microsoft | 6 Windows Server, Windows Server 2008, Windows Server 2012 and 3 more | 2023-12-28 | 6.5 MEDIUM | 7.5 HIGH |
| Active Directory Domain Services Elevation of Privilege Vulnerability | |||||
| CVE-2021-42302 | 1 Microsoft | 1 Azure Real Time Operating System | 2023-12-28 | 7.2 HIGH | 6.6 MEDIUM |
| Azure RTOS Elevation of Privilege Vulnerability | |||||
| CVE-2021-42286 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2016 | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability | |||||
| CVE-2021-41370 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| NTFS Elevation of Privilege Vulnerability | |||||
| CVE-2021-41367 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-28 | 4.6 MEDIUM | 7.8 HIGH |
| NTFS Elevation of Privilege Vulnerability | |||||
| CVE-2021-42282 | 1 Microsoft | 6 Windows Server, Windows Server 2008, Windows Server 2012 and 3 more | 2023-12-28 | 6.5 MEDIUM | 7.5 HIGH |
| Active Directory Domain Services Elevation of Privilege Vulnerability | |||||
| CVE-2023-3907 | 1 Gitlab | 1 Gitlab | 2023-12-21 | N/A | 8.8 HIGH |
| A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner | |||||
| CVE-2022-21970 | 1 Microsoft | 1 Edge Chromium | 2023-12-21 | 8.3 HIGH | 6.1 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-21902 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2023-12-21 | 7.2 HIGH | 7.8 HIGH |
| Windows DWM Core Library Elevation of Privilege Vulnerability | |||||
| CVE-2023-6793 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-18 | N/A | 2.7 LOW |
| An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage. | |||||
| CVE-2023-50424 | 1 Sap | 1 Cloud-security-client-go | 2023-12-15 | N/A | 9.8 CRITICAL |
| SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application. | |||||
| CVE-2023-50423 | 1 Sap | 1 Sap-xssec | 2023-12-15 | N/A | 9.8 CRITICAL |
| SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application. | |||||
| CVE-2023-41119 | 1 Enterprisedb | 1 Postgres Advanced Server | 2023-12-14 | N/A | 8.8 HIGH |
| An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It contains the function _dbms_aq_move_to_exception_queue that may be used to elevate a user's privileges to superuser. This function accepts the OID of a table, and then accesses that table as the superuser by using SELECT and DML commands. | |||||
| CVE-2023-45083 | 1 Softiron | 1 Hypercloud | 2023-12-12 | N/A | 4.4 MEDIUM |
| An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1. | |||||
| CVE-2023-45253 | 2 Huddly, Microsoft | 2 Huddlycameraservices, Windows | 2023-12-08 | N/A | 7.8 HIGH |
| An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library. | |||||
| CVE-2023-6218 | 1 Progress | 1 Moveit Transfer | 2023-12-05 | N/A | 7.2 HIGH |
| In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an organization administrator. | |||||
| CVE-2023-29066 | 2 Bd, Hp | 3 Facschorus, Hp Z2 Tower G5, Hp Z2 Tower G9 | 2023-12-05 | N/A | 3.5 LOW |
| The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data folders. | |||||
| CVE-2023-6151 | 1 Eskom | 1 E-belediye | 2023-12-05 | N/A | 7.5 HIGH |
| Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105. | |||||
| CVE-2023-6150 | 1 Eskom | 1 E-belediye | 2023-12-05 | N/A | 7.5 HIGH |
| Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105. | |||||