Total
2095 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36954 | 1 Microsoft | 10 Windows 10, Windows 10 1809, Windows 10 1909 and 7 more | 2024-11-21 | 8.8 High |
| Windows Bind Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-36945 | 1 Microsoft | 1 Windows 10 Update Assistant | 2024-11-21 | 7.3 High |
| Windows 10 Update Assistant Elevation of Privilege Vulnerability | ||||
| CVE-2021-36943 | 1 Microsoft | 1 Azure Cyclecloud | 2024-11-21 | 4 Medium |
| Azure CycleCloud Elevation of Privilege Vulnerability | ||||
| CVE-2021-36931 | 1 Microsoft | 1 Edge Chromium | 2024-11-21 | 4.4 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2021-36930 | 1 Microsoft | 2 Edge, Edge Chromium | 2024-11-21 | 5.3 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2021-36927 | 1 Microsoft | 8 Windows 7, Windows 8.1, Windows Rt 8.1 and 5 more | 2024-11-21 | 7.8 High |
| Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability | ||||
| CVE-2021-36784 | 1 Suse | 1 Rancher | 2024-11-21 | 7.2 High |
| A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. | ||||
| CVE-2021-36316 | 1 Dell | 1 Emc Avamar Server | 2024-11-21 | 6.7 Medium |
| Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation on the AUI. | ||||
| CVE-2021-36307 | 1 Dell | 1 Networking Os10 | 2024-11-21 | 8.8 High |
| Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system. | ||||
| CVE-2021-36302 | 1 Dell | 2 Emc Integrated System For Microsoft Azure Stack Hub, Emc Integrated System For Microsoft Azure Stack Hub Firmware | 2024-11-21 | 9.9 Critical |
| All Dell EMC Integrated System for Microsoft Azure Stack Hub versions contain a privilege escalation vulnerability. A remote malicious user with standard level JEA credentials may potentially exploit this vulnerability to elevate privileges and take over the system. | ||||
| CVE-2021-36293 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2024-11-21 | 6.4 Medium |
| Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges. | ||||
| CVE-2021-36290 | 1 Dell | 10 Emc Unity Operating Environment, Vnx5200, Vnx5400 and 7 more | 2024-11-21 | 6.4 Medium |
| Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges. | ||||
| CVE-2021-36207 | 1 Johnsoncontrols | 3 Metasys Application And Data Server, Metasys Extended Application And Data Server, Metasys Open Application Server | 2024-11-21 | 8.8 High |
| Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator. | ||||
| CVE-2021-35946 | 1 Owncloud | 1 Owncloud | 2024-11-21 | 9.8 Critical |
| A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions. | ||||
| CVE-2021-35534 | 1 Hitachienergy | 10 Gms600, Gms600 Firmware, Pwc600 and 7 more | 2024-11-21 | 7.2 High |
| Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions. | ||||
| CVE-2021-35523 | 1 Securepoint | 1 Openvpn-client | 2024-11-21 | 7.8 High |
| Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user. | ||||
| CVE-2021-35448 | 2 Microsoft, Remotemouse | 2 Windows, Emote Interactive Studio | 2024-11-21 | 7.8 High |
| Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections. | ||||
| CVE-2021-35309 | 1 Samsung | 1 Syncthru Web Service | 2024-11-21 | 7.5 High |
| An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks. | ||||
| CVE-2021-35064 | 1 Kramerav | 1 Viaware | 2024-11-21 | 9.8 Critical |
| KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg. | ||||
| CVE-2021-35052 | 1 Kaspersky | 1 Password Manager | 2024-11-21 | 7.8 High |
| A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High. | ||||