Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unprivileged vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0875
SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an...
Systemtap Systemtap 1.7
Systemtap Systemtap 1.6.7
7.8
CVSSv3
CVE-2021-41103
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to tra...
Linuxfoundation Containerd
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
NA
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrec...
7.8
CVSSv3
CVE-2022-43751
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary c...
Mcafee Total Protection
9.8
CVSSv3
CVE-2020-11799
Z-Cron 5.6 Build 04 allows an unprivileged malicious user to elevate privileges by modifying a privileged user's task. This can also affect all users who are signed in on the system if a shell is placed in a location that other unprivileged users have access to.
Z-cron Z-cron 5.6
6.5
CVSSv3
CVE-2020-36603
The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys drive...
Hoyoverse Mhyprot2 1.0.0.0
7.8
CVSSv3
CVE-2021-34110
WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user to replace the executable with a malicious file that will be executed with "LocalSystem" privileges.
Nica Winwaste.net 1.0.6183.16475
NA
CVE-2014-3122
The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel prior to 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table ...
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
NA
CVE-2012-2745
The copy_creds function in kernel/cred.c in the Linux kernel prior to 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.
Linux Linux Kernel 3.3
Linux Linux Kernel
5.3
CVSSv3
CVE-2018-6693
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and previous versions. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is abl...
Mcafee Endpoint Security For Linux Threat Prevention
Mcafee Endpoint Security For Linux Threat Prevention 10.5.1
Mcafee Endpoint Security Linux Threat Prevention 10.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »