Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privilege vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-12613
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the proce...
Beyondtrust Privilege Management For Windows
7.8
CVSSv3
CVE-2021-42254
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
Beyondtrust Privilege Management For Windows
7.8
CVSSv3
CVE-2020-4609
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...
Ibm Security Verify Privilege Manager
7.8
CVSSv3
CVE-2020-4610
IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. IBM X-Force ID: 184919.
Ibm Security Verify Privilege Manager
5.5
CVSSv3
CVE-2020-25738
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows malicious users to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database.
Cyberark Endpoint Privilege Manager 11.1.0.173
7.8
CVSSv3
CVE-2020-28369
In BeyondTrust Privilege Management for Windows (aka PMfW) up to and including 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.
Beyondtrust Privilege Management For Windows
5.4
CVSSv3
CVE-2018-12903
In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App Gr...
Cyberark Endpoint Privilege Manager 10.2.1.603
6.7
CVSSv3
CVE-2023-49944
The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) prior to 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Age...
Beyondtrust Privilege Management For Windows
9.8
CVSSv3
CVE-2018-15439
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote malicious user to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a pr...
Cisco Sg200-50 Firmware -
Cisco Sg200-50p Firmware -
Cisco Sg200-50fp Firmware -
Cisco Sg200-26 Firmware -
Cisco Sg200-26p Firmware -
Cisco Sg200-26fp Firmware -
Cisco Sg200-18 Firmware -
Cisco Sg200-10fp Firmware -
Cisco Sg200-08 Firmware -
Cisco Sg200-08p Firmware -
Cisco Sf200-24 Firmware -
Cisco Sf200-24p Firmware -
Cisco Sf200-24fp Firmware -
Cisco Sf200-48 Firmware -
Cisco Sf200-48p Firmware -
Cisco Sf302-08pp Firmware -
Cisco Sf302-08mpp Firmware -
Cisco Sg300-10pp Firmware -
Cisco Sg300-10mpp Firmware -
Cisco Sf300-24pp Firmware -
Cisco Sf300-48pp Firmware -
Cisco Sg300-28pp Firmware -
NA
CVE-2014-2126
Cisco Adaptive Security Appliance (ASA) Software 8.2 prior to 8.2(5.47), 8.4 prior to 8.4(7.5), 8.7 prior to 8.7(1.11), 9.0 prior to 9.0(3.10), and 9.1 prior to 9.1(3.4) allows remote authenticated users to gain privileges by leveraging level-0 ASDM access, aka Bug ID CSCuj33496.
Cisco Adaptive Security Appliance Software 8.2
Cisco Adaptive Security Appliance Software 8.4
Cisco Adaptive Security Appliance Software 9.0
Cisco Adaptive Security Appliance Software 8.7
Cisco Adaptive Security Appliance Software 9.1
2 Nmap scripts
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »