Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and previous versions which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a loca...
Canonical Apport
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
4 Github repositories
2.1
CVSSv2
CVE-2020-9451
An issue exists in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a (not yet created)...
Acronis True Image 2020 24.5.22510
4.7
CVSSv2
CVE-2013-4514
Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel prior to 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, relate...
Linux Linux Kernel 3.9.0
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.10.8
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.8.10
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.4.1
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
4.9
CVSSv2
CVE-2013-4515
The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel prior to 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call.
Linux Linux Kernel 3.9.0
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.10.8
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.8.10
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.4.1
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
6.2
CVSSv2
CVE-2013-0313
The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel prior to 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspeci...
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.1
Linux Linux Kernel 3.2.5
Linux Linux Kernel 3.2.26
Linux Linux Kernel 3.4
Linux Linux Kernel 3.0.18
Linux Linux Kernel 3.0.6
Linux Linux Kernel 3.0.36
2.1
CVSSv2
CVE-2021-25364
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows unprivileged applications to access contact information.
Google Android 11.0
NA
CVE-2020-12744
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.
Verint Desktop And Process Analytics 15.2
9.3
CVSSv2
CVE-2011-4126
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere.
Calibre-ebook Calibre -
10
CVSSv2
CVE-2021-31316
The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter.
Control-webpanel Webpanel -
NA
CVE-2023-27706
Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged processes.
Bitwarden Bitwarden
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »