Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
905
VMScore
CVE-2017-6554
pmmasterd in Quest Privilege Manager prior to 6.0.0.061, when configured as a policy server, allows remote malicious users to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action.
Quest Privilege Manager 6.0.0-27
Quest Privilege Manager 6.0.0-50
1 EDB exploit
NA
CVE-2020-12615
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary proc...
Beyondtrust Privilege Management For Windows
Beyondtrust Privilege Management For Windows 5.6
NA
CVE-2020-12612
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefore uses the %ProgramFiles(x86)% environment variable. However, when this same ...
Beyondtrust Privilege Management For Windows
Beyondtrust Privilege Management For Windows 5.6
445
VMScore
CVE-2020-9326
BeyondTrust Privilege Management for Windows and Mac (aka PMWM; formerly Avecto Defendpoint) 5.1 up to and including 5.5 prior to 5.5 SR1 mishandles command-line arguments with PowerShell .ps1 file extensions present, leading to a DefendpointService.exe crash.
Beyondtrust Privilege Management For Windows And Mac
Beyondtrust Privilege Management For Windows And Mac 5.5
668
VMScore
CVE-2018-13052
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin.
Cyberark Endpoint Privilege Manager -
614
VMScore
CVE-2019-9627
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions before 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.
Cyberark Endpoint Privilege Manager
465
VMScore
CVE-2018-14894
CyberArk Endpoint Privilege Manager 10.2.1.603 and previous versions allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications.
Cyberark Endpoint Privilege Manager
1 EDB exploit
614
VMScore
CVE-2021-44049
CyberArk Endpoint Privilege Manager (EPM) up to and including 11.5.3.328 prior to 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user's Temp directory.
Cyberark Endpoint Privilege Manager
169
VMScore
CVE-2020-25738
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows malicious users to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database.
Cyberark Endpoint Privilege Manager 11.1.0.173
641
VMScore
CVE-2021-42254
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
Beyondtrust Privilege Management For Windows
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »