CVE-2020-5955
https://notcve.org/view.php?id=CVE-2020-5955
A caller may be able to escalate privileges. • https://security.netapp.com/advisory/ntap-20220223-0003 https://www.insyde.com/products https://www.insyde.com/security-pledge/SA-2021002 •
CVE-2021-20135
https://notcve.org/view.php?id=CVE-2021-20135
Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. • https://www.tenable.com/security/tns-2021-18 •
CVE-2021-43267 – kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type
https://notcve.org/view.php?id=CVE-2021-43267
An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system. • https://github.com/zzhacked/CVE-2021-43267 https://github.com/DarkSprings/CVE-2021-43267-POC http://www.openwall.com/lists/oss-security/2022/02/10/1 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16 https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message • CWE-20: Improper Input Validation CWE-1284: Improper Validation of Specified Quantity in Input •
CVE-2021-3576 – Privilege escalation via SeImpersonatePrivilege
https://notcve.org/view.php?id=CVE-2021-3576
Bitdefender Total Security versiones anteriores a 25.0.26 This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender GravityZone. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-seimpersonateprivilege-in-bitdefender-endpoint-security-tools-va-9848 https://www.zerodayinitiative.com/advisories/ZDI-21-1276 https://www.zerodayinitiative.com/advisories/ZDI-21-1376 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVE-2021-3579 – Incorrect Default Permissions vulnerability in bdservicehost.exe and Vulnerability.Scan.exe
https://notcve.org/view.php?id=CVE-2021-3579
Bitdefender Total Security versiones anteriores a 7.2.1.65 This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.bitdefender.com/support/security-advisories/incorrect-default-permissions-vulnerability-in-bdservicehost-exe-and-vulnerability-scan-exe-va-9848 https://www.zerodayinitiative.com/advisories/ZDI-21-1277 • CWE-276: Incorrect Default Permissions •