Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

privilege vulnerabilities and exploits

(subscribe to this query)

9
CVSSv2
CVE-2017-6554
pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action....
Quest Privilege Manager 6.0.0-27Quest Privilege Manager 6.0.0-50
10
CVSSv2
CVE-2017-6553
Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon....
Quest Privilege Manager For Unix
6.9
CVSSv2
CVE-2019-9627
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path....
Cyberark Endpoint Privilege Manager
5
CVSSv2
CVE-2020-9326
BeyondTrust Privilege Management for Windows and Mac (aka PMWM; formerly Avecto Defendpoint) 5.1 through 5.5 before 5.5 SR1 mishandles command-line arguments with PowerShell .ps1 file extensions present, leading to a DefendpointService.exe crash....
Beyondtrust Privilege Management For Windows And MacBeyondtrust Privilege Management For Windows And Mac 5.5
7.5
CVSSv2
CVE-2018-13052
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin....
Cyberark Endpoint Privilege Manager -
4.6
CVSSv2
CVE-2018-14894
CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications....
Cyberark Endpoint Privilege Manager
1.9
CVSSv2
CVE-2020-25738
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database....
Cyberark Endpoint Privilege Manager 11.1.0.173
3.5
CVSSv2
CVE-2018-12903
In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App...
Cyberark Endpoint Privilege Manager 10.2.1.603
9.3
CVSSv2
CVE-2018-15439
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a...
Cisco Sg200-50 Firmware -Cisco Sg200-50p Firmware -Cisco Sg200-50fp Firmware -Cisco Sg200-26 Firmware -Cisco Sg200-26p Firmware -Cisco Sg200-26fp Firmware -Cisco Sg200-18 Firmware -Cisco Sg200-10fp Firmware -Cisco Sg200-08 Firmware -Cisco Sg200-08p Firmware -Cisco Sf200-24 Firmware -Cisco Sf200-24p Firmware -Cisco Sf200-24fp Firmware -Cisco Sf200-48 Firmware -Cisco Sf200-48p Firmware -Cisco Sf302-08pp Firmware -Cisco Sf302-08mpp Firmware -Cisco Sg300-10pp Firmware -Cisco Sg300-10mpp Firmware -Cisco Sf300-24pp Firmware -Cisco Sf300-48pp Firmware -Cisco Sg300-28pp Firmware -Cisco Sf300-08 Firmware -Cisco Sf300-48p Firmware -Cisco Sg300-10mp Firmware -Cisco Sg300-10p Firmware -Cisco Sg300-10 Firmware -Cisco Sg300-28p Firmware -Cisco Sf300-24p Firmware -Cisco Sf302-08mp Firmware -Cisco Sg300-28 Firmware -Cisco Sf300-48 Firmware -Cisco Sg300-20 Firmware -Cisco Sf302-08p Firmware -Cisco Sg300-52 Firmware -Cisco Sf300-24 Firmware -Cisco Sf302-08 Firmware -Cisco Sf300-24mp Firmware -Cisco Sg300-10sfp Firmware -Cisco Sg300-28mp Firmware -Cisco Sg300-52p Firmware -Cisco Sg300-52mp Firmware -Cisco Sg500-28mpp Firmware -Cisco Sg500-52mp Firmware -Cisco Sg500xg-8f8t Firmware -Cisco Sf500-24 Firmware -Cisco Sf500-24p Firmware -Cisco Sf500-48 Firmware -Cisco Sf500-48p Firmware -Cisco Sg500-28 Firmware -Cisco Sg500-28p Firmware -Cisco Sg500-52 Firmware -Cisco Sg500-52p Firmware -Cisco Sg500x-24 Firmware -Cisco Sg500x-24p Firmware -Cisco Sg500x-48 Firmware -Cisco Sg500x-48p Firmware -Cisco Sg250x-24 Firmware -Cisco Sg250x-24p Firmware -Cisco Sg250x-48 Firmware -Cisco Sg250x-48p Firmware -Cisco Sg250-08 Firmware -Cisco Sg250-08hp Firmware -Cisco Sg250-10p Firmware -Cisco Sg250-18 Firmware -Cisco Sg250-26 Firmware -Cisco Sg250-26hp Firmware -Cisco Sg250-26p Firmware -Cisco Sg250-50 Firmware -Cisco Sg250-50hp Firmware -Cisco Sg250-50p Firmware -Cisco Sf250-24 Firmware -Cisco Sf250-24p Firmware -Cisco Sf250-48 Firmware -Cisco Sf250-48hp Firmware -Cisco Sg350-10 Firmware -Cisco Sg350-10p Firmware -Cisco Sg350-10mp Firmware -Cisco Sg355-10p Firmware -Cisco Sg350-28 Firmware -Cisco Sg350-28p Firmware -Cisco Sg350-28mp Firmware -Cisco Sf350-48 Firmware -Cisco Sf350-48p Firmware -Cisco Sf350-48mp Firmware -Cisco Sg350xg-2f10 Firmware -Cisco Sg350xg-24f Firmware -Cisco Sg350xg-24t Firmware -Cisco Sg350xg-48t Firmware -Cisco Sg350x-24 Firmware -Cisco Sg350x-24p Firmware -Cisco Sg350x-24mp Firmware -Cisco Sg350x-48 Firmware -Cisco Sg350x-48p Firmware -Cisco Sg350x-48mp Firmware -Cisco Sx550x-16ft Firmware -Cisco Sx550x-24ft Firmware -Cisco Sx550x-12f Firmware -Cisco Sx550x-24f Firmware -Cisco Sx550x-24 Firmware -Cisco Sx550x-52 Firmware -Cisco Sg550x-24 Firmware -Cisco Sg550x-24p Firmware -Cisco Sg550x-24mp Firmware -Cisco Sg550x-24mpp Firmware -Cisco Sg550x-48 Firmware -Cisco Sg550x-48p Firmware -Cisco Sg550x-48mp Firmware -Cisco Sf550x-24 Firmware -Cisco Sf550x-24p Firmware -Cisco Sf550x-24mp Firmware -Cisco Sf550x-48 Firmware -Cisco Sf550x-48p Firmware -Cisco Sf550x-48mp Firmware -
7.2
CVSSv2
CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character....
Sudo Project SudoSudo Project Sudo 1.9.5Fedoraproject Fedora 32Fedoraproject Fedora 33Debian Debian Linux 9.0Debian Debian Linux 10.0Netapp Hci Management Node -Netapp Oncommand Unified Manager Core Package -Netapp Solidfire -Mcafee Web Gateway 8.2.17Mcafee Web Gateway 9.2.8Mcafee Web Gateway 10.0.4Synology Diskstation Manager 6.2Synology Diskstation Manager Unified Controller 3.0Synology Skynas Firmware -Synology Vs960hd Firmware -Beyondtrust Privilege Management For MacBeyondtrust Privilege Management For Unix\\/linux
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-24027open redirectCVE-2021-30487CVE-2021-28048CVE-2021-23886local file inclusionCVE-2021-28483log injectionCVE-2021-29448
Vulnerability Notification
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook