Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-3557
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resources of the cluster including all secrets which might enable privilege escalation...
Linuxfoundation Argo-cd
Redhat Openshift Gitops 1.1
2.1
CVSSv2
CVE-2017-2328
An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to elevate their permissions through reading unprivileged information stored in the NorthStar controller.
Juniper Northstar Controller
2.1
CVSSv2
CVE-2017-2329
An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to execute certain specific unprivileged system files capable of causing widespread denials of sy...
Juniper Northstar Controller
1.9
CVSSv2
CVE-2012-6538
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel prior to 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.1
Linux Linux Kernel 3.0.63
Linux Linux Kernel 3.0.46
Linux Linux Kernel 3.0.47
7.2
CVSSv2
CVE-2020-8948
The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) before build 5043 allows an unprivileged user to overwrite arbitrary files in arbitrary folders using hard links. An unprivileged user could leverage this vulnerability to execute arbitrary code with system privi...
Sierrawireless Mobile Broadband Driver Package
4.6
CVSSv2
CVE-2017-2663
It was found that subscription-manager's DBus interface prior to 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or ...
Redhat Subscription-manager
NA
CVE-2023-1981
A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.
Avahi Avahi 0.7-20
Fedoraproject Fedora 37
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
8.5
CVSSv2
CVE-2007-0723
Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 up to and including 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors.
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.3
Apple Mac Os X Server 10.4
Apple Mac Os X Server 10.4.1
Apple Mac Os X Server 10.4.2
Apple Mac Os X 10.4.4
Apple Mac Os X 10.4.5
Apple Mac Os X Server 10.4.3
Apple Mac Os X Server 10.4.4
Apple Mac Os X 10.4
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.8
Apple Mac Os X Server 10.3.9
Apple Mac Os X Server 10.4.7
Apple Mac Os X Server 10.4.8
Apple Mac Os X 10.3.9
Apple Mac Os X 10.4.6
Apple Mac Os X 10.4.7
Apple Mac Os X Server 10.4.5
Apple Mac Os X Server 10.4.6
2.1
CVSSv2
CVE-2011-0412
Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks.
Sun Sunos 5.10
Sun Sunos 5.8
Sun Sunos 5.9
2.1
CVSSv2
CVE-2012-6536
net/xfrm/xfrm_user.c in the Linux kernel prior to 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and ...
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.1
Linux Linux Kernel 3.0.63
Linux Linux Kernel 3.0.46
Linux Linux Kernel 3.0.47
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »