Search
Total
1819 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-125001 | 1 Cardosystems | 2 Scala Rider Q3, Scala Rider Q3 Firmware | 2022-06-08 | 8.3 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Cardo Systems Scala Rider Q3. Affected is the file /cardo/api of the Cardo-Updater. Unauthenticated remote code execution with root permissions is possible. Firewalling or disabling the service is recommended. | |||||
| CVE-2022-21827 | 1 Citrix | 1 Gateway Plug-in | 2022-06-08 | 6.6 MEDIUM | 7.1 HIGH |
| An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. | |||||
| CVE-2022-29333 | 1 Cyberlink | 1 Powerdirector | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file. | |||||
| CVE-2022-31267 | 1 Gitblit | 1 Gitblit | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext 'attacker@example.com\n\trole = "#admin"' value. | |||||
| CVE-2020-7020 | 1 Elastic | 1 Elasticsearch | 2022-06-03 | 3.5 LOW | 3.1 LOW |
| Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices. | |||||
| CVE-2017-4991 | 2 Cloudfoundry, Pivotal Software | 3 Cf-release, Cloud Foundry Uaa Bosh, Cloud Foundry Uaa | 2022-06-03 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.14, 24.x versions prior to v24.9, 30.x versions prior to 30.2, and other versions prior to v36. Privileged users in one zone are allowed to perform a password reset for users in a different zone. | |||||
| CVE-2017-4992 | 2 Cloudfoundry, Pivotal Software | 3 Cf-release, Cloud Foundry Uaa Bosh, Cloud Foundry Uaa | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v261; UAA release 2.x versions prior to v2.7.4.17, 3.6.x versions prior to v3.6.11, 3.9.x versions prior to v3.9.13, and other versions prior to v4.2.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.15, 24.x versions prior to v24.10, 30.x versions prior to 30.3, and other versions prior to v37. There is privilege escalation (arbitrary password reset) with user invitations. | |||||
| CVE-2022-29179 | 1 Cilium | 1 Cilium | 2022-06-03 | 7.2 HIGH | 8.2 HIGH |
| Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium's Kubernetes service account. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. There are no known workarounds available. | |||||
| CVE-2020-7311 | 1 Mcafee | 1 Mcafee Agent | 2022-06-01 | 6.9 MEDIUM | 7.0 HIGH |
| Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files. | |||||
| CVE-2020-7310 | 1 Mcafee | 1 Total Protection | 2022-06-01 | 3.3 LOW | 6.9 MEDIUM |
| Privilege Escalation vulnerability in the installer in McAfee McAfee Total Protection (MTP) trial prior to 4.0.161.1 allows local users to change files that are part of write protection rules via manipulating symbolic links to redirect a McAfee file operations to an unintended file. | |||||
| CVE-2022-1770 | 1 Trudesk Project | 1 Trudesk | 2022-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. | |||||
| CVE-2021-23265 | 1 Craftercms | 1 Crafter Cms | 2022-05-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| A logged-in and authenticated user with a Reviewer Role may lock a content item. | |||||
| CVE-2022-30695 | 1 Acronis | 1 Snap Deploy | 2022-05-24 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | |||||
| CVE-2022-21182 | 1 Inhandnetworks | 2 Inrouter302, Inrouter302 Firmware | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2022-23296 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-23 | 7.2 HIGH | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability. | |||||
| CVE-2019-18823 | 2 Fedoraproject, Wisc | 2 Fedora, Htcondor | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. It is possible to use a different authentication method to submit a job than the administrator has specified. If the administrator has configured the READ or WRITE methods to include CLAIMTOBE, then it is possible to impersonate another user to the condor_schedd. (For example to submit or remove jobs) | |||||
| CVE-2022-24812 | 1 Grafana | 1 Grafana | 2022-05-19 | 6.0 MEDIUM | 8.8 HIGH |
| Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructed, the consequent requests with any API Key evaluate to the same permissions as the previous requests. This can lead to an escalation of privileges, when for example a first request is made with Admin permissions, and the second request with different API Key is made with Viewer permissions, the second request will get the cached permissions from the previous Admin, essentially accessing higher privilege than it should. The vulnerability is only impacting Grafana Enterprise when the fine-grained access control beta feature is enabled and there are more than one API Keys in one organization with different roles assigned. All installations after Grafana Enterprise v8.1.0-beta1 should be upgraded as soon as possible. As an alternative, disable fine-grained access control will mitigate the vulnerability. | |||||
| CVE-2021-27767 | 1 Hcltech | 1 Bigfix Platform | 2022-05-16 | 4.6 MEDIUM | 7.8 HIGH |
| The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | |||||
| CVE-2021-27766 | 1 Hcltech | 1 Bigfix Platform | 2022-05-16 | 4.6 MEDIUM | 7.8 HIGH |
| The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | |||||
| CVE-2021-27765 | 1 Hcltech | 1 Bigfix Platform | 2022-05-16 | 4.6 MEDIUM | 7.8 HIGH |
| The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed. | |||||
| CVE-2022-1397 | 1 Easyappointments | 1 Easyappointments | 2022-05-16 | 9.0 HIGH | 8.8 HIGH |
| API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover. | |||||
| CVE-2022-20112 | 1 Google | 1 Android | 2022-05-16 | 4.9 MEDIUM | 5.5 MEDIUM |
| In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-206987762 | |||||
| CVE-2022-20114 | 1 Google | 1 Android | 2022-05-16 | 7.2 HIGH | 7.8 HIGH |
| In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-211114016 | |||||
| CVE-2022-20739 | 1 Cisco | 1 Sd-wan Vmanage | 2022-05-13 | 8.5 HIGH | 7.3 HIGH |
| A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected system as a low-privileged user to exploit this vulnerability. This vulnerability exists because a file leveraged by a root user is executed when a low-privileged user runs specific commands on an affected system. An attacker could exploit this vulnerability by injecting arbitrary commands to a specific file as a lower-privileged user and then waiting until an admin user executes specific commands. The commands would then be executed on the device by the root user. A successful exploit could allow the attacker to escalate their privileges on the affected system from a low-privileged user to the root user. | |||||
| CVE-2022-27659 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2022-05-13 | 4.0 MEDIUM | 4.3 MEDIUM |
| On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface (TMUI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2022-20759 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense | 2022-05-13 | 8.5 HIGH | 8.8 HIGH |
| A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and authorization scopes. An attacker could exploit this vulnerability by sending crafted HTTPS messages to the web services interface of an affected device. A successful exploit could allow the attacker to gain privilege level 15 access to the web management interface of the device. This includes privilege level 15 access to the device using management tools like the Cisco Adaptive Security Device Manager (ASDM) or the Cisco Security Manager (CSM). Note: With Cisco FTD Software, the impact is lower than the CVSS score suggests because the affected web management interface allows for read access only. | |||||
| CVE-2022-1548 | 1 Mattermost | 1 Playbooks | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| Mattermost Playbooks plugin 1.25 and earlier fails to properly restrict user-level permissions, which allows playbook members to escalate their membership privileges and perform actions restricted to playbook admins. | |||||
| CVE-2022-1108 | 1 Lenovo | 2 Thinkpad X1 Fold Gen 1, Thinkpad X1 Fold Gen 1 Firmware | 2022-05-12 | 7.2 HIGH | 6.7 MEDIUM |
| A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code. | |||||
| CVE-2022-1107 | 1 Lenovo | 60 Thinkpad 11e, Thinkpad 11e Firmware, Thinkpad 11e Yoga and 57 more | 2022-05-12 | 7.2 HIGH | 6.7 MEDIUM |
| During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code. | |||||
| CVE-2022-25782 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2022-05-11 | 5.5 MEDIUM | 5.4 MEDIUM |
| Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7. | |||||
| CVE-2021-3100 | 2 Amazon, Linux | 2 Log4jhotpatch, Linux Kernel | 2022-05-11 | 7.2 HIGH | 8.8 HIGH |
| The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges. | |||||
| CVE-2021-36207 | 1 Johnsoncontrols | 3 Metasys Application And Data Server, Metasys Extended Application And Data Server, Metasys Open Application Server | 2022-05-11 | 8.5 HIGH | 8.8 HIGH |
| Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator. | |||||
| CVE-2022-25089 | 1 Kofax | 1 Printix | 2022-05-10 | 7.5 HIGH | 9.8 CRITICAL |
| Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData. | |||||
| CVE-2021-4210 | 1 Lenovo | 64 A540-24icb, A540-24icb Firmware, A540-27icb and 61 more | 2022-05-10 | 7.2 HIGH | 6.7 MEDIUM |
| A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code. | |||||
| CVE-2021-36784 | 1 Suse | 1 Rancher | 2022-05-09 | 6.5 MEDIUM | 7.2 HIGH |
| A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. | |||||
| CVE-2021-4200 | 1 Suse | 1 Rancher | 2022-05-09 | 6.5 MEDIUM | 8.8 HIGH |
| A Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. | |||||
| CVE-2019-19783 | 4 Canonical, Cyrus, Debian and 1 more | 4 Ubuntu Linux, Imap, Debian Linux and 1 more | 2022-05-03 | 3.5 LOW | 6.5 MEDIUM |
| An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosieve_createfolder() in imap/lmtp_sieve.c. | |||||
| CVE-2022-0070 | 2 Amazon, Linux | 2 Hotpatch, Linux Kernel | 2022-05-03 | 7.2 HIGH | 8.8 HIGH |
| Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java process that the hotpatch is applied to. | |||||
| CVE-2021-35064 | 1 Kramerav | 1 Viaware | 2022-04-29 | 10.0 HIGH | 9.8 CRITICAL |
| KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg. | |||||
| CVE-2022-0071 | 1 Hotdog Project | 1 Hotdog | 2022-04-29 | 7.2 HIGH | 8.8 HIGH |
| Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked. | |||||
| CVE-2020-3812 | 3 Canonical, Debian, Netqmail | 3 Ubuntu Linux, Debian Linux, Netqmail | 2022-04-28 | 2.1 LOW | 5.5 MEDIUM |
| qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker's home directory, without dropping its privileges first. | |||||
| CVE-2020-24331 | 2 Fedoraproject, Trousers Project | 2 Fedora, Trousers | 2022-04-28 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon). | |||||
| CVE-2020-24330 | 2 Fedoraproject, Trousers Project | 2 Fedora, Trousers | 2022-04-28 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed. | |||||
| CVE-2020-24848 | 1 Fruitywifi Project | 1 Fruitywifi | 2022-04-28 | 7.2 HIGH | 7.8 HIGH |
| FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system. | |||||
| CVE-2021-21911 | 2 Advantech, Microsoft | 2 R-seenet, Windows | 2022-04-28 | 7.2 HIGH | 7.8 HIGH |
| A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21912 | 2 Advantech, Microsoft | 2 R-seenet, Windows | 2022-04-28 | 7.2 HIGH | 7.8 HIGH |
| A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-3101 | 1 Hotdog Project | 1 Hotdog | 2022-04-28 | 7.2 HIGH | 8.8 HIGH |
| Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container. | |||||
| CVE-2022-25372 | 2 Microsoft, Pritunl | 2 Windows, Pritunl-client-electron | 2022-04-27 | 7.2 HIGH | 7.8 HIGH |
| Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation, related to an ACL entry for CREATOR OWNER in platform_windows.go. | |||||
| CVE-2021-23193 | 1 Gallagher | 1 Command Centre | 2022-04-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3) ; 8.40 versions prior to 8.40.2063 (MR4); 8.30 versions prior to 8.30.1454 (MR4) ; 8.20 versions prior to 8.20.1291 (MR6); version 8.10 and prior versions. | |||||
| CVE-2021-21567 | 1 Dell | 1 Powerscale Onefs | 2022-04-26 | 4.6 MEDIUM | 7.8 HIGH |
| Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege. | |||||