Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elevation of privilege vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-12614
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate (and also requires that the certificate is valid). If an Add Admin token is p...
Beyondtrust Privilege Management For Windows
NA
CVE-2020-12613
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the proce...
Beyondtrust Privilege Management For Windows
2.1
CVSSv2
CVE-2020-8152
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an malicious user to replace the public key to decrypt them later on.
Nextcloud Nextcloud Server
2 Github repositories
4.9
CVSSv2
CVE-2020-3153
A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local malicious user to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect hand...
Cisco Anyconnect Secure Mobility Client
4 Github repositories
1 Article
4.6
CVSSv2
CVE-2020-8290
Backblaze for Windows and Backblaze for macOS prior to 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue cl...
Backblaze Backblaze
2 Github repositories
NA
CVE-2024-21346
Win32k Elevation of Privilege Vulnerability
Microsoft Windows 11 23h2
Microsoft Windows 11 22h2
Microsoft Windows 11 21h2
Microsoft Windows Server 2022 23h2
NA
CVE-2023-35631
Win32k Elevation of Privilege Vulnerability
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows Server 2022 23h2
7.2
CVSSv2
CVE-2018-8410
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka "Windows Registry Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Wi...
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows 10 1803
Microsoft Windows 8.1 -
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008
Microsoft Windows 10 1709
Microsoft Windows 7 -
1 EDB exploit
1 Github repository
NA
CVE-2024-21345
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows Server 2022 23h2
2 Github repositories
7.2
CVSSv2
CVE-2018-19321
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and previous versions, AORUS GRAPHICS ENGINE prior to 1.57, XTREME GAMING ENGINE prior to 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by...
Gigabyte App Center
Gigabyte Aorus Graphics Engine
Gigabyte Xtreme Gaming Engine
Gigabyte Oc Guru Ii 2.08
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »