Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and previous versions which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a loca...
Canonical Apport
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
3 Github repositories
5.5
CVSSv3
CVE-2020-9451
An issue exists in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a (not yet created)...
Acronis True Image 2020 24.5.22510
NA
CVE-2013-4514
Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel prior to 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, relate...
Linux Linux Kernel 3.9.0
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.10.8
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.8.10
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.4.1
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
NA
CVE-2013-4515
The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel prior to 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call.
Linux Linux Kernel 3.9.0
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.10.8
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.8.10
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.4.1
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
NA
CVE-2013-0313
The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel prior to 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspeci...
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.1
Linux Linux Kernel 3.2.5
Linux Linux Kernel 3.2.26
Linux Linux Kernel 3.4
Linux Linux Kernel 3.0.18
Linux Linux Kernel 3.0.6
Linux Linux Kernel 3.0.36
8.1
CVSSv3
CVE-2011-4126
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere.
Calibre-ebook Calibre -
7.8
CVSSv3
CVE-2020-12744
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.
Verint Desktop And Process Analytics 15.2
3.3
CVSSv3
CVE-2022-22270
An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.
Google Android 9.0
Google Android 10.0
Google Android 11.0
7.1
CVSSv3
CVE-2023-27706
Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged processes.
Bitwarden Bitwarden
1 Github repository
9.8
CVSSv3
CVE-2021-31316
The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter.
Control-webpanel Webpanel -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »