CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21910
https://notcve.org/view.php?id=CVE-2021-21910
22 Dec 2021 — A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1360 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27445 – Mesa Labs AmegaView Improper Privilege Management
https://notcve.org/view.php?id=CVE-2021-27445
21 Dec 2021 — Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device. • https://us-cert.cisa.gov/ics/advisories/icsa-21-147-03 • CWE-269: Improper Privilege Management CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-42808 – The Sentinel Protection Installer 7.7.0 creates files and directory with all privileges granting any user full permissions.
https://notcve.org/view.php?id=CVE-2021-42808
20 Dec 2021 — Improper Access Control in Thales Sentinel Protection Installer could allow a local user to escalate privileges. • https://cpl.thalesgroup.com/fr/software-monetization/security-updates • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 6%CPEs: 4EXPL: 0CVE-2021-35234 – Exposed Dangerous Functions - Privileged Escalation
https://notcve.org/view.php?id=CVE-2021-35234
20 Dec 2021 — Un atacante con bajos privilegios de usuario puede robar los hashes de las contraseñas y la información de las sales de las contraseñas This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. ... An attacker can leverage this vulnerability to escalate privileges to the level of an application administrator. • https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-secure-configuration.htm • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-4011 – X.Org Server SwapCreateRegister Out-Of-Bounds Access Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-4011
17 Dec 2021 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-4010 – X.Org Server SProcScreenSaverSuspend Out-Of-Bounds Access Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-4010
17 Dec 2021 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKLSZCY47QK4RCJFXITYFALCGPJAFXOK • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-4009 – X.Org Server SProcXFixesCreatePointerBarrier Out-Of-Bounds Access Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-4009
17 Dec 2021 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-4008 – X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-4008
15 Dec 2021 — This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://lists.debian.org/debian-lts-announce/2021/12/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 24EXPL: 0CVE-2021-43247 – Windows TCP/IP Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43247
15 Dec 2021 — Windows TCP/IP Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios de Windows TCP/IP Driver This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43247 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-43237 – Windows Setup Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43237
15 Dec 2021 — Windows Setup Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Setup This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43237 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •