CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27192
https://notcve.org/view.php?id=CVE-2021-27192
25 Mar 2021 — Local privilege escalation vulnerability in Windows clients of Netop Vision Pro up to and including 9.7.1 allows a local user to gain administrator privileges whilst using the clients. • https://www.mcafee.com/blogs/other-blogs/mcafee-labs/netop-vision-pro-distance-learning-software-is-20-20-in-hindsight • CWE-269: Improper Privilege Management •
CVSS: 7.2EPSS: 0%CPEs: 74EXPL: 0CVE-2021-1390 – Cisco IOS XE Software Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1390
24 Mar 2021 — A vulnerability in one of the diagnostic test CLI commands of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker would need to have valid user credentials at privilege level 15. This vulnerability exists because the affected software permits modification of the run-time memory of an affected device under specific circumstances. An attacker could exploit this vulnerability by authenticating to the aff... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-OFP-6Nezgn7b • CWE-123: Write-what-where Condition •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-22314
https://notcve.org/view.php?id=CVE-2021-22314
22 Mar 2021 — There is a local privilege escalation vulnerability in some versions of ManageOne. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210218-01-privilege-en •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2021-21089 – Adobe Acrobat Reader DC URI Parsing Out-Of-Bounds Read
https://notcve.org/view.php?id=CVE-2021-21089
18 Mar 2021 — An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-20002
https://notcve.org/view.php?id=CVE-2017-20002
17 Mar 2021 — This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27892
https://notcve.org/view.php?id=CVE-2021-27892
15 Mar 2021 — SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation. • https://info.ssh.com/tectia-vulnerability-cve-2021-27892 •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27893
https://notcve.org/view.php?id=CVE-2021-27893
15 Mar 2021 — SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions. • https://info.ssh.com/tectia-vulnerability-cve-2021-27893 •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21069 – Adobe Creative Cloud Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-21069
12 Mar 2021 — Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. ... Una explotación de este problema no requiere una interacción del usuario This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Creative Cloud on Apple macOS. ... An attacker can leverage this vulnerability to ... • https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-27646 – Synology DiskStation Manager iscsi_snapshot_comm_core Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27646
12 Mar 2021 — An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the current process. • https://www.synology.com/security/advisory/Synology_SA_20_26 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26569 – Synology DiskStation Manager iscsi_snapshot_comm_core Race Condition Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26569
12 Mar 2021 — An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the current process. • https://www.synology.com/security/advisory/Synology_SA_20_26 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-366: Race Condition within a Thread •