Show filters
204 topics marked with the following tags:
Displaying 161-170 of 204
Authenticated
Sort by:
Attacker Value
Very High

CVE-2021-24085

Disclosure Date: February 25, 2021 (last updated December 30, 2023)
Microsoft Exchange Server Spoofing Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
7
2
Attacker Value
Unknown

CVE-2021-30617

Disclosure Date: September 03, 2021 (last updated November 08, 2023)
Chromium: CVE-2021-30617 Policy bypass in Blink
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
1
1
Attacker Value
Moderate

CVE-2020-0787 Windows BITS Privesc

Disclosure Date: March 12, 2020 (last updated July 25, 2024)
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
1
3
Attacker Value
High

CVE-2021-34481

Disclosure Date: July 16, 2021 (last updated December 29, 2023)
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p><strong>UPDATE</strong> August 10, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. This security update changes the Point and Print default behavior; please see <a href="https://support.microsoft.com/help/5005652">KB5005652</a>.</p>
Attack Vector: NetworkPrivileges: LowUser Interaction: None
1
1
Attacker Value
High

CVE-2023-4911

Disclosure Date: October 03, 2023 (last updated September 18, 2024)
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Attack Vector: LocalPrivileges: LowUser Interaction: None
4
2
Attacker Value
Low

CVE-2020-5741

Disclosure Date: May 08, 2020 (last updated October 06, 2023)
Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
1
1
Attacker Value
Very High

CVE-2021-42592

Last updated October 18, 2021
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
1
1
Attacker Value
High

CVE-2021-33771

Disclosure Date: July 14, 2021 (last updated July 27, 2024)
Windows Kernel Elevation of Privilege Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
5
2
Attacker Value
Moderate

CVE-2020-0863

Disclosure Date: March 12, 2020 (last updated October 06, 2023)
An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka 'Connected User Experiences and Telemetry Service Information Disclosure Vulnerability'.
Attack Vector: LocalPrivileges: LowUser Interaction: None
1
1
Attacker Value
Moderate

CVE-2023-36745

Disclosure Date: September 12, 2023 (last updated December 14, 2023)
Microsoft Exchange Server Remote Code Execution Vulnerability
Attack Vector: Adjacent NetworkPrivileges: LowUser Interaction: None
3
2
View More Topics  < Previous  Next >