Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
215
VMScore
CVE-2000-0881
The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
Plus Technologies Lpplus 3.2.2
Plus Technologies Lpplus 3.3
1 EDB exploit
356
VMScore
CVE-2014-0665
The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to th...
Cisco Identity Services Engine Software -
356
VMScore
CVE-2013-6695
The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the use...
Cisco Secure Access Control System -
641
VMScore
CVE-2013-5987
Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors.
Nvidia Gpu Driver 304.00
Nvidia Gpu Driver 310.00
Nvidia Gpu Driver 325.00
Nvidia Gpu Driver 319.00
Nvidia Gpu Driver 331.00
Apple Mac Os X 10.9.1
320
VMScore
CVE-2021-42257
check_smart prior to 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression.
Check Smart Project Check Smart
365
VMScore
CVE-2017-3587
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Shared Folder). Supported versions that are affected are before 5.0.38 and before 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infr...
Oracle Vm Virtualbox
1 EDB exploit
465
VMScore
CVE-2017-3561
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.0.38 and before 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructur...
Oracle Vm Virtualbox
1 EDB exploit
NA
CVE-2023-20015
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local malicious user to inject unauthorized commands. This vulnerability is due ...
Cisco Ucs Central Software
Cisco Ucs 6536 Firmware -
Cisco Ucs 64108 Firmware -
Cisco Ucs 6454 Firmware -
Cisco Ucs 6200 Firmware -
Cisco Ucs 6248up Firmware -
Cisco Ucs 6296up Firmware -
Cisco Ucs 6300 Firmware -
Cisco Ucs 6324 Firmware -
Cisco Ucs 6332 Firmware -
Cisco Ucs 6332-16up Firmware -
Cisco Firepower Extensible Operating System -
405
VMScore
CVE-2009-0981
Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable resea...
Oracle Database 11g 11.1.0.7
1 EDB exploit
187
VMScore
CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side e...
Canonical Ubuntu Linux 18.04
Linuxcontainers Lxc
Suse Suse Linux Enterprise Server 11
Suse Caas Platform 2.0
Suse Openstack Cloud 6
Suse Caas Platform 1.0
Opensuse Leap 15.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »