Total
1302 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-37103 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.5 Medium |
| There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2021-37030 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 High |
| There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. | ||||
| CVE-2021-36990 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 9.8 Critical |
| There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions. | ||||
| CVE-2021-36989 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 9.8 Critical |
| There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions. | ||||
| CVE-2021-36795 | 1 Cohesity | 1 Linux Agent | 2024-11-21 | 7.8 High |
| A permission issue in the Cohesity Linux agent may allow privilege escalation in version 6.5.1b to 6.5.1d-hotfix10, 6.6.0a to 6.6.0b-hotfix1. An underprivileged linux user, if certain environment criteria are met, can gain additional privileges. | ||||
| CVE-2021-36781 | 1 Opensuse | 1 Factory | 2024-11-21 | 5.9 Medium |
| A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1. | ||||
| CVE-2021-36365 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 9.8 Critical |
| Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh. | ||||
| CVE-2021-36363 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | 9.8 Critical |
| Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php. | ||||
| CVE-2021-35312 | 1 Gestionaleamica | 1 Amica Prodigy | 2024-11-21 | 7.8 High |
| A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy's executable "RemoteBackup.Service.exe" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with "LocalSystem" privileges. | ||||
| CVE-2021-34395 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 3.9 Low |
| Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited information disclosure, a low risk of modifcations to data, and limited denial of service. | ||||
| CVE-2021-34387 | 1 Nvidia | 2 Jetson Linux, Jetson Tx1 | 2024-11-21 | 6.3 Medium |
| The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with read, write, and execute permissions, which gives write access to kernel code and data that is otherwise mapped read only. | ||||
| CVE-2021-33923 | 1 Confluent | 1 Cp-ansible | 2024-11-21 | 5.5 Medium |
| Insecure permissions in Confluent Ansible (cp-ansible) 5.5.0, 5.5.1, 5.5.2 and 6.0.0 allows local attackers to access some sensitive information (private keys, state database). | ||||
| CVE-2021-33506 | 1 8x8 | 1 Jitsi Meet | 2024-11-21 | 7.5 High |
| jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not ensure that restrict_room_creation is set by default. This can allow an attacker to circumvent conference moderation. | ||||
| CVE-2021-33334 | 1 Liferay | 2 Dxp, Liferay Portal | 2024-11-21 | 4.3 Medium |
| The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.2, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 6, does not properly check user permissions, which allows remote attackers with the forms "Access in Site Administration" permission to view all forms and form entries in a site via the forms section in site administration. | ||||
| CVE-2021-33333 | 1 Liferay | 2 Dxp, Liferay Portal | 2024-11-21 | 6.3 Medium |
| The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19 and 7.2 before fix pack 6, does not properly check user permission, which allows remote authenticated users to view and delete workflow submissions via crafted URLs. | ||||
| CVE-2021-33327 | 1 Liferay | 2 Dxp, Liferay Portal | 2024-11-21 | 4.3 Medium |
| The Portlet Configuration module in Liferay Portal 7.2.0 through 7.3.3, and Liferay DXP 7.0 fix pack pack 93 and 94, 7.1 fix pack 18, and 7.2 before fix pack 8, does not properly check user permission, which allows remote authenticated users to view the Guest and User role even if "Role Visibility" is enabled. | ||||
| CVE-2021-33324 | 1 Liferay | 2 Dxp, Liferay Portal | 2024-11-21 | 4.3 Medium |
| The Layout module in Liferay Portal 7.1.0 through 7.3.1, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 5, does not properly check permission of pages, which allows remote authenticated users without view permission of a page to view the page via a site's page administration. | ||||
| CVE-2021-33214 | 1 Hms-networks | 1 Ecatcher | 2024-11-21 | 6.1 Medium |
| In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation. | ||||
| CVE-2021-33092 | 1 Intel | 3 Nuc M15 Laptop Kit Hid Event Filter Driver Pack, Nuc M15 Laptop Kit Lapbc510, Nuc M15 Laptop Kit Lapbc710 | 2024-11-21 | 7.8 High |
| Incorrect default permissions in the installer for the Intel(R) NUC M15 Laptop Kit HID Event Filter driver pack before version 2.2.1.383 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-33090 | 1 Intel | 4 Nuc10i3fn, Nuc10i5fn, Nuc10i7fn and 1 more | 2024-11-21 | 7.8 High |
| Incorrect default permissionsin the software installer for the Intel(R) NUC HDMI Firmware Update Tool for NUC10i3FN, NUC10i5FN, NUC10i7FN before version 1.78.2.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||