CVE-2021-45441 – Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-45441
Nota: un atacante debe obtener primero la capacidad de ejecutar código poco privilegiado en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000289996 https://www.zerodayinitiative.com/advisories/ZDI-22-017 • CWE-346: Origin Validation Error •
CVE-2021-45440 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-45440
Nota: un atacante debe obtener primero la capacidad de ejecutar código poco privilegiado en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Business Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000289996 https://www.zerodayinitiative.com/advisories/ZDI-22-016 • CWE-269: Improper Privilege Management •
CVE-2021-35000 – OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-35000
An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. . ... An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. • https://www.zerodayinitiative.com/advisories/ZDI-22-012 • CWE-908: Use of Uninitialized Resource •
CVE-2021-22045 – VMware Workstation SCSI Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-22045
Un actor malicioso con acceso a una máquina virtual con emulación de dispositivo de CD-ROM puede ser capaz de explotar esta vulnerabilidad en conjunto con otros problemas para ejecutar código en el hipervisor desde una máquina virtual This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. • http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html https://www.vmware.com/security/advisories/VMSA-2022-0001.html https://www.zerodayinitiative.com/advisories/ZDI-22-003 • CWE-787: Out-of-bounds Write •
CVE-2021-41388
https://notcve.org/view.php?id=CVE-2021-41388
Netskope client prior to 89.x on macOS is impacted by a local privilege escalation vulnerability. • https://www.netskope.com/company/security-compliance-and-assurance/netskope-security-advisory-nskpsa-2021-002 • CWE-269: Improper Privilege Management •