CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 1CVE-2021-43057
https://notcve.org/view.php?id=CVE-2021-43057
28 Oct 2021 — A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. • https://bugs.chromium.org/p/project-zero/issues/detail?id=2229 • CWE-416: Use After Free •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43211 – Windows 10 Update Assistant Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43211
27 Oct 2021 — Este CVE ID es diferente de CVE-2021-42297 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of Administrator. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43211 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2021-21703 – PHP-FPM memory access in root process leading to privilege escalation
https://notcve.org/view.php?id=CVE-2021-21703
25 Oct 2021 — In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the ... • http://www.openwall.com/lists/oss-security/2021/10/26/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-284: Improper Access Control CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 0CVE-2021-34981 – Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-34981
21 Oct 2021 — This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. ... This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. • https://www.zerodayinitiative.com/advisories/ZDI-21-1223 • CWE-415: Double Free •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2021-42739 – kernel: Heap buffer overflow in firedtv driver
https://notcve.org/view.php?id=CVE-2021-42739
20 Oct 2021 — This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=1951739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 221EXPL: 0CVE-2021-31359 – Junos OS and Junos OS Evolved: Local Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2021-31359
19 Oct 2021 — A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. • https://kb.juniper.net/JSA11222 • CWE-121: Stack-based Buffer Overflow CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42108 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42108
19 Oct 2021 — Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. ... Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex ... • https://success.trendmicro.com/solution/000289229 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42104 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42104
19 Oct 2021 — Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar pero no idéntica a las CVE-2021-42105, 42106 y 42107 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ... An attacker can leverage this vulnerability t... • https://success.trendmicro.com/solution/000289229 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-42012 – Trend Micro Worry-Free Business Security Stack-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42012
19 Oct 2021 — A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. ... Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Busines... • https://success.trendmicro.com/solution/000289229 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-42103 – Trend Micro Apex One Uncontrolled Search Path Element Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42103
19 Oct 2021 — An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar pero no idéntica a la CVE-2021-42101 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM... • https://success.trendmicro.com/solution/000289229 • CWE-427: Uncontrolled Search Path Element •