Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0875
SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an...
Systemtap Systemtap 1.7
Systemtap Systemtap 1.6.7
7.8
CVSSv3
CVE-2021-41103
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to tra...
Linuxfoundation Containerd
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
NA
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrec...
7.8
CVSSv3
CVE-2022-43751
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary c...
Mcafee Total Protection
9.8
CVSSv3
CVE-2020-11799
Z-Cron 5.6 Build 04 allows an unprivileged malicious user to elevate privileges by modifying a privileged user's task. This can also affect all users who are signed in on the system if a shell is placed in a location that other unprivileged users have access to.
Z-cron Z-cron 5.6
6.5
CVSSv3
CVE-2020-36603
The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys drive...
Hoyoverse Mhyprot2 1.0.0.0
7.8
CVSSv3
CVE-2021-34110
WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user to replace the executable with a malicious file that will be executed with "LocalSystem" privileges.
Nica Winwaste.net 1.0.6183.16475
NA
CVE-2014-3122
The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel prior to 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table ...
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
NA
CVE-2001-0349
Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of ...
Microsoft Windows 2000
NA
CVE-2012-2745
The copy_creds function in kernel/cred.c in the Linux kernel prior to 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.
Linux Linux Kernel 3.3
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »