Show filters
44,087 Total Results
Displaying 31-40 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Very High
CVE-2021-39144
Disclosure Date: August 23, 2021 (last updated November 08, 2023)
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.
4
Attacker Value
High
CVE-2021-33909
Disclosure Date: July 20, 2021 (last updated November 08, 2023)
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
3
Attacker Value
High
CVE-2021-33771
Disclosure Date: July 14, 2021 (last updated December 29, 2023)
Windows Kernel Elevation of Privilege Vulnerability
4
Attacker Value
Moderate
CVE-2021-3438
Disclosure Date: May 20, 2021 (last updated October 07, 2023)
A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.
3
Attacker Value
High
CVE-2020-1048: Windows Print Spooler Elevation of Privilege Vulnerability
Disclosure Date: May 21, 2020 (last updated September 18, 2020)
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.
5
Attacker Value
High
CVE-2020-3153
Disclosure Date: February 20, 2020 (last updated October 06, 2023)
A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
4
Attacker Value
Moderate
CVE-2020-0668
Disclosure Date: February 11, 2020 (last updated October 06, 2023)
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
1
Attacker Value
Moderate
CVE-2023-36745
Disclosure Date: September 12, 2023 (last updated December 14, 2023)
Microsoft Exchange Server Remote Code Execution Vulnerability
3
Attacker Value
High
CVE-2023-36874
Disclosure Date: July 11, 2023 (last updated December 14, 2023)
Windows Error Reporting Service Elevation of Privilege Vulnerability
3
Attacker Value
Moderate
CVE-2023-29336
Disclosure Date: May 09, 2023 (last updated April 10, 2024)
Win32k Elevation of Privilege Vulnerability
3
