• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-269

CVE-2021-38634

February 23, 2023 by

Microsoft Windows Update Client Elevation of Privilege Vulnerability

CVE-2021-38295

February 23, 2023 by

In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will be executed within the security context of that admin. A similar route is available with the already deprecated _show and _list functionality. This privilege escalation vulnerability allows an attacker to add or remove data in any database or make configuration changes. This issue affected Apache CouchDB prior to 3.1.2

CVE-2021-38140

February 23, 2023 by

The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user().

CVE-2021-37911

February 23, 2023 by

The management interface of BenQ smart wireless conference projector does not properly control user’s privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork.

CVE-2021-37941

February 23, 2023 by

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of permissions than they possess. This vulnerability affects users that have set up the agent via the attacher cli 3, the attach API 2, as well as users that have enabled the profiling_inferred_spans_enabled option

CVE-2021-37852

February 23, 2023 by

ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITYSYSTEM.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 93
  • Go to page 94
  • Go to page 95
  • Go to page 96
  • Go to page 97
  • Interim pages omitted …
  • Go to page 206
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE