CWE:
 

Tytuł
Data
Autor
Low
Gantt-Chart For Jira 5.5.3 Missing Privilege Check
04.08.2020
Sebastian Auwaerter
Med.
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation
17.05.2020
Matthew Bergin
Med.
Ultimate Member 2.39 Unauthorized profile modification
18.06.2019
Clément Cruchet
Med.
WordPress Plugin WooCommerce GloBee (cryptocurrency) Payment Gateway 1.1.1 Payment Bypass / Unauthorized Order Status Spoofing
27.02.2019
GeekHack
Med.
Goozmo™ Systems v.1.0 Improper Privilege Management
29.01.2019
KingSkrupellos
Med.
TP-Link EAP Controller CSRF / Hard-Coded Key / XSS
04.05.2018
Core
Med.
SpiderControl SCADA Web Server 2.02.0007 Improper Privilege Management
01.11.2017
Karn Ganeshen
Med.
Solarwinds LEM 6.3.1 Sudo Script Abuse Privilege Escalation
25.04.2017
Hank Leininger and Mat...
Med.
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Privilege Escalation
18.02.2017
Matt Bergin
Med.
phpMyAdmin 3.5.x/4.0.x privilege escalation
30.07.2013
SecuriTeam Secure Disc...
High
Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability
27.09.2012
X-Cisadane


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2021-01-12
Medium
CVE-2020-26050

Vendor: Safervpn
Software: Safervpn
 

 
SaferVPN for Windows Ver 5.0.3.3 through 5.0.4.15 could allow local privilege escalation from low privileged users to SYSTEM via a crafted openssl configuration file. This issue is similar to CVE-2019-12572.

 
Medium
CVE-2020-35459

Vendor: Clusterlabs
Software: Crmsh
 

 
An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were able to execute commands via shell code injection to the crm history commandline, potentially allowing escalation of privileges.

 
Medium
CVE-2021-1642

Vendor: Microsoft
Software: Windows 10
 

 
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1685.

 
Medium
CVE-2021-1646

Vendor: Microsoft
Software: Windows 10
 

 
Windows WLAN Service Elevation of Privilege Vulnerability

 
Medium
CVE-2021-1648

Vendor: Microsoft
Software: Windows 10
 

 
Microsoft splwow64 Elevation of Privilege Vulnerability

 
Medium
CVE-2021-1649

Vendor: Microsoft
Software: Windows 10
 

 
Active Template Library Elevation of Privilege Vulnerability

 
Medium
CVE-2021-1650

Vendor: Microsoft
Software: Windows 10
 

 
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

 
Medium
CVE-2021-1651

Vendor: Microsoft
Software: Visual studio
 

 
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1680.

 
Medium
CVE-2021-1652

Vendor: Microsoft
Software: Windows 10
 

 
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

 
Medium
CVE-2021-1653

Vendor: Microsoft
Software: Windows 10
 

 
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top