Total
2348 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4258 | 4 Fedoraproject, Linux, Opensuse and 1 more | 7 Fedora, Linux Kernel, Opensuse and 4 more | 2024-11-21 | 6.2 MEDIUM | N/A |
| The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call. | |||||
| CVE-2010-3301 | 3 Canonical, Linux, Suse | 3 Ubuntu Linux, Linux Kernel, Linux Enterprise Real Time Extension | 2024-11-21 | 7.2 HIGH | N/A |
| The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression. | |||||
| CVE-2009-2848 | 8 Canonical, Fedoraproject, Linux and 5 more | 13 Ubuntu Linux, Fedora, Linux Kernel and 10 more | 2024-11-21 | 5.9 MEDIUM | N/A |
| The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. | |||||
| CVE-2009-0080 | 1 Microsoft | 2 Windows Server 2008, Windows Vista | 2024-11-21 | 6.9 MEDIUM | N/A |
| The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability." | |||||
| CVE-2008-2931 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. | |||||
| CVE-2008-2271 | 1 Site Documentation Project | 1 Site Documentation | 2024-11-21 | 5.0 MEDIUM | N/A |
| The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the "access content" permission to list tables and obtain session IDs from the database. | |||||
| CVE-2004-1349 | 2 Gnu, Oracle | 2 Gzip, Solaris | 2024-11-20 | 2.1 LOW | N/A |
| gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. | |||||
| CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2024-11-20 | 2.1 LOW | N/A |
| rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | |||||
| CVE-2002-0049 | 1 Microsoft | 1 Exchange Server | 2024-11-20 | 6.4 MEDIUM | N/A |
| Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. | |||||
| CVE-1999-0084 | 1 Sun | 1 Nfs | 2024-11-20 | 7.2 HIGH | 8.4 HIGH |
| Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. | |||||
| CVE-2024-9479 | 2024-11-20 | N/A | N/A | ||
| Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege Access: before 1.2. | |||||
| CVE-2024-9478 | 2024-11-20 | N/A | N/A | ||
| Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege Access: before 1.2. | |||||
| CVE-2024-31141 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products. This issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0. Users with affected applications are recommended to upgrade kafka-clients to version >=3.8.0, and set the JVM system property "org.apache.kafka.automatic.config.providers=none". Users of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate "allowlist.pattern" and "allowed.paths" to restrict their operation to appropriate bounds. For users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property. For users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property. | |||||
| CVE-2024-52516 | 2024-11-18 | N/A | 3.0 LOW | ||
| Nextcloud Server is a self hosted personal cloud system. When a server is configured to only allow sharing with users that are in ones own groups, after a user was removed from a group, previously shared items were not unshared. It is recommended that the Nextcloud Server is upgraded to 22.2.11 or 23.0.11 or 24.0.6 and Nextcloud Enterprise Server is upgraded to 22.2.11 or 23.0.11 or 24.0.6. | |||||
| CVE-2024-9192 | 2024-11-18 | N/A | 8.8 HIGH | ||
| The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to privilege escalation due to insufficient validation on user meta that can be updated in the wpvr_rate_request_result() function in all versions up to, and including, 1.20.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta on a WordPress site. This can be leveraged to update their capabilities to that of an administrator. | |||||
| CVE-2024-9500 | 2024-11-18 | N/A | 7.2 HIGH | ||
| A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management. | |||||
| CVE-2020-26063 | 2024-11-18 | N/A | 5.4 MEDIUM | ||
| A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system without authorization. The vulnerability is due to improper authorization checks on API endpoints. An attacker could exploit this vulnerability by sending malicious requests to an API endpoint. An exploit could allow the attacker to download files from or modify limited configuration options on the affected system.There are no workarounds that address this vulnerability. | |||||
| CVE-2024-49558 | 1 Dell | 1 Smartfabric Os10 | 2024-11-15 | N/A | 7.8 HIGH |
| Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | |||||
| CVE-2024-11206 | 2024-11-15 | N/A | 7.5 HIGH | ||
| Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to the leakage of user information. | |||||
| CVE-2022-21970 | 1 Microsoft | 1 Edge Chromium | 2024-11-14 | 8.3 HIGH | 6.1 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||