Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
privilege escalation vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-7304
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1....
2 EDB exploits available
12 Github repositories available
2 Articles available
7.8
CVSSv3
CVE-2019-0211
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent...
1 EDB exploit available
9 Github repositories available
2 Articles available
7
CVSSv3
CVE-2020-4352
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. IBM X-Force ID: 178427....
7
CVSSv3
CVE-2018-1122
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file()...
1 EDB exploit available
1 Github repository available
7.8
CVSSv3
CVE-2018-1124
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or...
1 EDB exploit available
2 Github repositories available
9.8
CVSSv3
CVE-2018-1126
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124....
2 Github repositories available
7.5
CVSSv3
CVE-2018-1123
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service)....
1 EDB exploit available
1 Github repository available
7.5
CVSSv3
CVE-2018-1125
A vulnerability in the pgrep command used by procps-ng could allow a local attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper processing of long arguments that are passed to a process that is reviewed by pgrep. An...
1 Github repository available
5.9
CVSSv3
CVE-2018-1121
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and...
1 EDB exploit available
9.8
CVSSv3
CVE-2019-4155
IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted by a privilege escalation vulnerability when integrated with an OpenID Connect (OIDC) user registry. IBM X-Force ID: 158544....
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-26879
apple
CVE-2020-8240
CVE-2019-8856
local file inclusion
ipados
malicious code
CVE-2020-16262
CVE-2020-9932
CVE-2020-26878
firewall
1
2
3
4
5
NEXT »
Vulmon