Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-23344
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page.
Hcltech Bigfix Webui Insights 14
9.8
CVSSv3
CVE-2016-9568
A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform unauthorized actions.
Carbonblack Carbon Black 5.1.1.60603
5.5
CVSSv3
CVE-2011-4594
The __sys_sendmsg function in net/socket.c in the Linux kernel prior to 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.
Linux Linux Kernel
NA
CVE-2012-5517
The online_pages function in mm/memory_hotplug.c in the Linux kernel prior to 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-adde...
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.4.1
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.1
Linux Linux Kernel 3.4
Linux Linux Kernel 3.2.5
Linux Linux Kernel 3.2.26
Linux Linux Kernel 3.0.18
Linux Linux Kernel 3.0.6
7.8
CVSSv3
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and previous versions which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a loca...
Canonical Apport
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
4 Github repositories
NA
CVE-2024-4154
In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite...
5.5
CVSSv3
CVE-2020-9451
An issue exists in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a (not yet created)...
Acronis True Image 2020 24.5.22510
NA
CVE-2024-5138
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised ac...
9.8
CVSSv3
CVE-2021-31316
The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter.
Control-webpanel Webpanel -
3.3
CVSSv3
CVE-2022-22270
An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.
Google Android 9.0
Google Android 10.0
Google Android 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »