Total
1477 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32196 | 2024-10-16 | N/A | N/A | ||
| A vulnerability has been identified whereby privilege escalation checks are not properly enforced for RoleTemplateobjects when external=true, which in specific scenarios can lead to privilege escalation. | |||||
| CVE-2023-32194 | 2024-10-16 | N/A | N/A | ||
| A vulnerability has been identified when granting a create or * global role for a resource type of "namespaces"; no matter the API group, the subject will receive * permissions for core namespaces. This can lead to someone being capable of accessing, creating, updating, or deleting a namespace in the project. | |||||
| CVE-2021-42082 | 1 Osnexus | 1 Quantastor | 2024-10-16 | N/A | 7.8 HIGH |
| Local users are able to execute scripts under root privileges. | |||||
| CVE-2024-9002 | 2024-10-15 | N/A | N/A | ||
| CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity, and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries | |||||
| CVE-2023-30680 | 1 Samsung | 1 Android | 2024-10-11 | N/A | 7.8 HIGH |
| Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege. | |||||
| CVE-2017-1000082 | 1 Systemd Project | 1 Systemd | 2024-10-11 | 10.0 HIGH | 9.8 CRITICAL |
| systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended. | |||||
| CVE-2023-31062 | 1 Apache | 1 Inlong | 2024-10-09 | N/A | 9.8 CRITICAL |
| Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid (but unprivileged) account, the exploit can be executed using Burp Suite by sending a login request and following it with a subsequent HTTP request using the returned cookie. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it. | |||||
| CVE-2023-21269 | 1 Google | 1 Android | 2024-10-09 | N/A | 7.8 HIGH |
| In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-31469 | 1 Apache | 1 Streampipes | 2024-10-09 | N/A | 8.8 HIGH |
| A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The issue is resolved by upgrading to StreamPipes 0.92.0. | |||||
| CVE-2021-1694 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-10-08 | 7.5 HIGH | 7.5 HIGH |
| Windows Update Stack Elevation of Privilege Vulnerability | |||||
| CVE-2021-1649 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-10-08 | 7.2 HIGH | 7.8 HIGH |
| Active Template Library Elevation of Privilege Vulnerability | |||||
| CVE-2021-1703 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-10-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Event Logging Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1659 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1642 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | |||||
| CVE-2021-1662 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2021-1719 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-10-08 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2021-1688 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1652 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-10-08 | 7.2 HIGH | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1712 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-10-08 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2021-1689 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Multipoint Management Elevation of Privilege Vulnerability | |||||