CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-37941
https://notcve.org/view.php?id=CVE-2021-37941
08 Dec 2021 — A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. • https://discuss.elastic.co/t/apm-java-agent-security-update/289627 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-42110
https://notcve.org/view.php?id=CVE-2021-42110
08 Dec 2021 — A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking. • http://www.popsy.com/Documents/Setups/Setup.Allegro.3.3.4154.2.exe •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-31631
https://notcve.org/view.php?id=CVE-2021-31631
06 Dec 2021 — This vulnerability allows attackers to escalate privileges. • https://gist.github.com/stacksmasher007/76514ab2b782fb4383f1121e6fc19241 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 2CVE-2021-43784 – Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration
https://notcve.org/view.php?id=CVE-2021-43784
06 Dec 2021 — An attacker could possibly use this issue to escalate privileges. ... An attacker could possibly use this issue to escalate privileges. • https://packetstorm.news/files/id/165165 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-42115 – Missing HTTPOnly flag on sensitive cookie in TopEase
https://notcve.org/view.php?id=CVE-2021-42115
30 Nov 2021 — Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an unauthenticated remote attacker to escalate privileges from unauthenticated to authenticated user via stealing and injecting the session- independent and static cookie UID. • https://confluence.topease.ch/confluence/display/DOC/Release+Notes • CWE-732: Incorrect Permission Assignment for Critical Resource CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44019 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44019
30 Nov 2021 — An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar, pero no idéntica, a CVE-2021-44020 y 44021 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Business Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the ... • https://success.trendmicro.com/solution/000289230 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44021 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44021
30 Nov 2021 — An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar, pero no idéntica, a CVE-2021-44019 y 44020 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Business Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the ... • https://success.trendmicro.com/solution/000289230 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44020 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44020
30 Nov 2021 — An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar, pero no idéntica, a CVE-2021-44019 y 44021 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Business Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the ... • https://success.trendmicro.com/solution/000289230 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-44198 – DLL hijacking could lead to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-44198
29 Nov 2021 — DLL hijacking could lead to local privilege escalation. • https://security-advisory.acronis.com/advisories/SEC-2128 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-34998 – Panda Security Free Antivirus Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-34998
29 Nov 2021 — This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. ... Fue ZDI-CAN-14208 This vulnerability allows local attackers to escalate privileges on affected install... • https://www.pandasecurity.com/en/support/card?id=100077 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •