Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privileged user manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-3539
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that a...
7.8
CVSSv3
CVE-2021-32461
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local malicious user to trigger a buffer overflow and escalate privileges on affected installations. An attacker must...
Trendmicro Password Manager
7.8
CVSSv3
CVE-2021-1528
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local malicious user to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker...
Cisco Sd-wan Vbond Orchestrator
Cisco Catalyst Sd-wan Manager
Cisco Vsmart Controller
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 100b Firmware
Cisco Vedge 100m Firmware
Cisco Vedge 100wm Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vedge Cloud Firmware
7.8
CVSSv3
CVE-2017-13209
In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege ...
Google Android 8.1
Google Android 8.0
1 EDB exploit
6.5
CVSSv3
CVE-2022-20747
A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to gain access to sensitive information on an affected system. This vulnerability is due to insufficient API authorization checking on the underlying operating ...
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager 20.7
4.7
CVSSv3
CVE-2021-3753
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidenti...
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Netapp Element Software -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.1
CVSSv3
CVE-2020-8648
There is a use-after-free vulnerability in the Linux kernel up to and including 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
Linux Linux Kernel
Debian Debian Linux 8.0
Opensuse Leap 15.1
Netapp Cloud Backup -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Hci Baseboard Management Controller H410c
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
7.8
CVSSv3
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.re...
Redhat Subscription-manager
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
7.5
CVSSv3
CVE-2018-17199
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.
Apache Http Server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Santricity Cloud Connector -
Netapp Storage Automation Store -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Oracle Enterprise Manager Ops Center 12.3.3
4.4
CVSSv3
CVE-2020-29660
A locking inconsistency issue exists in the tty subsystem of the Linux kernel up to and including 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Broadcom Fabric Operating System -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp H410c Firmware -
Netapp A700s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »