Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2017-18385
cPanel prior to 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).
Cpanel Cpanel
801
VMScore
CVE-2016-10809
In cPanel prior to 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process (SEC-114).
Cpanel Cpanel
801
VMScore
CVE-2016-10810
In cPanel prior to 57.9999.54, /scripts/maildir_converter exposed a TTY to an unprivileged process (SEC-115).
Cpanel Cpanel
NA
CVE-2023-0664
A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.
Qemu Qemu
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 37
641
VMScore
CVE-2020-10145
The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default installation directory, such as C:\ColdFusion2021\. By default, unprivileged users can create files in this directory structure, which creates a privilege-escalation vulnerability.
Adobe Coldfusion 2018
Adobe Coldfusion 2016
Adobe Coldfusion 2021
641
VMScore
CVE-2020-25507
An incorrect permission assignment during the installation script of TeamworkCloud 18.0 thru 19.0 allows a local unprivileged malicious user to execute arbitrary code as root. During installation, the user is instructed to set the system enviroment file with world writable permis...
3ds Teamwork Cloud
392
VMScore
CVE-2019-25058
An issue exists in USBGuard prior to 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.
Usbguard Project Usbguard
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
409
VMScore
CVE-2020-14004
An issue exists in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed a...
Icinga Icinga 2.12.0
Icinga Icinga
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
615
VMScore
CVE-2013-6383
The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel prior to 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.
Linux Linux Kernel
409
VMScore
CVE-2018-12152
Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers prior to 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local acc...
Intel Graphics Driver 15.36.28.4332
Intel Graphics Driver 15.36.26.4294
Intel Graphics Driver 15.33.46.4885
Intel Graphics Driver 15.33.45.4653
Intel Graphics Driver 15.40.41.5058
Intel Graphics Driver 15.40.38.4963
Intel Graphics Driver 15.40.37.4835
Intel Graphics Driver 15.40.36.4703
Intel Graphics Driver 15.40.34.4624
Intel Graphics Driver 15.36.35.5057
Intel Graphics Driver 15.36.31.4414
Intel Graphics Driver 15.33.43.4425
Intel Graphics Driver 15.36.34.4889
Intel Graphics Driver 15.36.33.4578
Intel Graphics Driver 15.33.47.5059
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »