CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-27258 – SolarWinds Orion Platform NCM SCM IPAM SaveUserSetting Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-27258
14 Apr 2021 — This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. ... An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. An attacker can leverage this vulnerability to escalate privileges their privileges from Guest to Administrator. ... Era ZDI-CAN-11903 This vulnerability allows remote attackers to execute escalate privileges on affected ins... • https://www.zerodayinitiative.com/advisories/ZDI-21-192 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-28098
https://notcve.org/view.php?id=CVE-2021-28098
14 Apr 2021 — A local privilege escalation vulnerability is present in the logging function. • https://www.adversis.io/research/2021/3/30/forescout-secure-connector-local-privilege-escalation • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-427: Uncontrolled Search Path Element CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-3472 – X.Org Server XChangeFeedbackControl Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-3472
14 Apr 2021 — An integer underflow can occur in xserver which can lead to a local privilege escalation. ... An interger underflow can occur in xserver which can lead to a local privilege escalation. ... This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • http://www.openwall.com/lists/oss-security/2021/04/13/1 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1CVE-2021-26415 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-26415
13 Apr 2021 — An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of an administrator. • https://github.com/adenkiewicz/CVE-2021-26415 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22716 – Schneider Electric C-Bus Toolkit Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-22716
13 Apr 2021 — An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-103-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-103-01_C-Bus_Toolkit_C-Gate_Server_Security_Notification.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-29428 – Local privilege escalation through system temporary directory
https://notcve.org/view.php?id=CVE-2021-29428
13 Apr 2021 — Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreating files in the system temporary directory. • https://docs.gradle.org/7.0/release-notes.html#security-advisories • CWE-276: Incorrect Default Permissions CWE-378: Creation of Temporary File With Insecure Permissions CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2021-22505
https://notcve.org/view.php?id=CVE-2021-22505
13 Apr 2021 — The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent. • https://softwaresupport.softwaregrp.com/doc/KM03792442 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21545
https://notcve.org/view.php?id=CVE-2021-21545
12 Apr 2021 — Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user. • https://www.dell.com/support/kbdoc/en-us/000185100/dsa-2021-079-dell-client-security-update-for-dell-peripheral-manager-local-privilege-escalation-vulnerability • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-25250 – Trend Micro Apex One Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-25250
12 Apr 2021 — An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. ... Nota: un atacante primero debe obtener la habilidad de ejecutar código poco privilegiado en el sistema de destino para explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ...... • https://success.trendmicro.com/solution/000286019 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-25253 – Trend Micro Apex One Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-25253
12 Apr 2021 — An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. ... Nota: un atacante primero debe obtener la habilidad de ejecutar código poco privilegiado en el sistema de destino para explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro... • https://github.com/msd0pe-1/CVE-2021-25253 • CWE-732: Incorrect Permission Assignment for Critical Resource •