CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44021 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44021
30 Nov 2021 — An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar, pero no idéntica, a CVE-2021-44019 y 44020 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Business Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the ... • https://success.trendmicro.com/solution/000289230 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44020 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44020
30 Nov 2021 — An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar, pero no idéntica, a CVE-2021-44019 y 44021 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Business Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the ... • https://success.trendmicro.com/solution/000289230 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-44198 – DLL hijacking could lead to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-44198
29 Nov 2021 — DLL hijacking could lead to local privilege escalation. • https://security-advisory.acronis.com/advisories/SEC-2128 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-34998 – Panda Security Free Antivirus Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-34998
29 Nov 2021 — This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... Fue ZDI-CAN-14208 This vulnerability allows local attackers to escalate privileges on affected install... • https://www.pandasecurity.com/en/support/card?id=100077 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31822
https://notcve.org/view.php?id=CVE-2021-31822
24 Nov 2021 — When Octopus Tentacle is installed on a Linux operating system, the systemd service file permissions are misconfigured. This could lead to a local unprivileged user modifying the contents of the systemd service file to gain privileged access. Cuando Octopus Tentacle se instala en un sistema operativo Linux, los permisos del archivo de servicio systemd están configurados inapropiadamente. Esto puede conllevar a que un usuario local no privilegiado modifique el contenido del archivo de servicio systemd para c... • https://advisories.octopus.com/adv/2021-11---Local-privilege-escalation-in-Octopus-Tentacle-%28CVE-2021-31822%29.2283732993.html • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-42297 – Windows 10 Update Assistant Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-42297
24 Nov 2021 — Este CVE ID es diferente de CVE-2021-43211 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42297 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43019 – Adobe Creative Cloud Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-43019
23 Nov 2021 — An unauthenticated attacker could leverage this vulnerability to remove files and escalate privileges under the context of SYSTEM . ... Es requerida una interacción del usuario antes de la instalación del producto para abusar de esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Creative Cloud. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-35052 – Kaspersky Password Manager Improper Privilege Management Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-35052
23 Nov 2021 — Un componente de Kaspersky Password Manager podría permitir a un atacante elevar el nivel de integridad de un proceso de Medio a Alto This vulnerability allows local attackers to escalate privileges on affected installations of Kaspersky Password Manager. ... An attacker can leverage this vulnerability to escalate privileges from medium integrity and execute code in the context of the current user at high integrity. • https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-42126 – Ivanti Avalanche User Management Improper Authentication Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42126
18 Nov 2021 — Se presenta una vulnerabilidad de control de autorización inapropiada en Ivanti Avalanche versiones anteriores a 6.3.3 que permite a un atacante con acceso al Servicio Inforail llevar a cabo una escalada de privilegios This vulnerability allows remote attackers to escalate privileges on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to escalate privileges to the level of admin. • https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3 • CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43771 – Trend Micro Antivirus for Mac Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-43771
17 Nov 2021 — Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. ... Tenga en cuenta que un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges