Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
CWE-269
CVE-2021-32415
EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates.
CVE-2021-31954
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-31961
Windows InstallService Elevation of Privilege Vulnerability
CVE-2021-31969
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2021-31833
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run.