Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2021-34110
WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user to replace the executable with a malicious file that will be executed with "LocalSystem" privileges.
Nica Winwaste.net 1.0.6183.16475
437
VMScore
CVE-2014-3122
The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel prior to 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table ...
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
419
VMScore
CVE-2012-2745
The copy_creds function in kernel/cred.c in the Linux kernel prior to 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.
Linux Linux Kernel 3.3
Linux Linux Kernel
365
VMScore
CVE-2019-10128
A vulnerability was found in postgresql versions 11.x before 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration...
Postgresql Postgresql
294
VMScore
CVE-2018-6693
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and previous versions. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is abl...
Mcafee Endpoint Security For Linux Threat Prevention
Mcafee Endpoint Security For Linux Threat Prevention 10.5.1
Mcafee Endpoint Security Linux Threat Prevention 10.5.0
419
VMScore
CVE-2014-2678
The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel up to and including 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system ...
Linux Linux Kernel
Fedoraproject Fedora 20
Oracle Linux 5
356
VMScore
CVE-2022-24328
In JetBrains Hub prior to 2021.1.13956, an unprivileged user could perform DoS.
Jetbrains Hub
170
VMScore
CVE-2012-6541
The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel prior to 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.1
Linux Linux Kernel 3.0.63
Linux Linux Kernel 3.0.46
Linux Linux Kernel 3.0.47
409
VMScore
CVE-2018-5529
The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensiti...
F5 Big-ip Access Policy Manager
F5 Big-ip Edge
605
VMScore
CVE-2017-0638
A remote code execution vulnerability in System UI component could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High because it is a remote arbitrary code execution in an unprivil...
Google Android 7.1.1
Google Android 7.1.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »