unprivileged vulnerabilities and exploits

(subscribe to this query)

9.8

CVSSv3

Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. Unprivileged user cannot login at front end but with that unprivileged user SID, all function can access at Surveillance Station....

Qnap Ts-212p Firmware 4.2.1

7.8

CVSSv3

Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the `bwrap --userns2` option can be used to make the setuid process keep running as root while being traceable. This can in turn be used to gain root...

Projectatomic Bubblewrap Debian Debian Linux 10.0 Archlinux Arch Linux -Centos Centos 7.0

7.8

CVSSv3

An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The...

Kde Ktexteditor

9.8

CVSSv3

TemaTres 3.0 allows remote unprivileged users to create an administrator account...

Vocabularyserver Tematres 3.01 EDB exploit available

9.8

CVSSv3

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged...

Intel Active Management Technology Firmware 6.1 Intel Active Management Technology Firmware 6.2 Intel Active Management Technology Firmware 10.0 Intel Active Management Technology Firmware 11.0 Intel Active Management Technology Firmware 6.0 Intel Active Management Technology Firmware 9.0 Intel Active Management Technology Firmware 9.1 Intel Active Management Technology Firmware 9.5 Intel Active Management Technology Firmware 7.0 Intel Active Management Technology Firmware 7.1 Intel Active Management Technology Firmware 11.5 Intel Active Management Technology Firmware 11.6 Intel Active Management Technology Firmware 8.0 Intel Active Management Technology Firmware 8.11 EDB exploit available1 Metasploit module available1 Nmap script available51 Github repositories available12 Articles available

7.8

CVSSv3

PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but root code execution depends on these files, which allows local users to gain privileges by leveraging access to this unprivileged account....

Pnp4nagios Pnp4nagios

5.5

CVSSv3

An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to elevate their permissions through reading unprivileged information stored in the NorthStar controller....

Juniper Northstar Controller

7.8

CVSSv3

The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) before build 5043 allows an unprivileged user to overwrite arbitrary files in arbitrary folders using hard links. An unprivileged user could leverage this vulnerability to execute arbitrary code with system...

Sierrawireless Mobile Broadband Driver Package

6.5

CVSSv3

In JetBrains Hub before 2021.1.13956, an unprivileged user could perform DoS....

Jetbrains Hub1 Github repository available

6.2

CVSSv3

An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to execute certain specific unprivileged system files capable of causing widespread denials of...

Juniper Northstar Controller

Get Started

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook