| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 221195. |
| Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to gain elevated privileges.
|
| IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678. |
| MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\node_modules\. This issue affects MongoDB Compass prior to 1.42.1 |
| In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be able to replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocaAdmin are denied the ability to logon locally by security policy so that this can only occur if the system has already been compromised. |
| Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
|
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| Windows Installer Information Disclosure Vulnerability |
| Microsoft PostScript Printer Driver Remote Code Execution Vulnerability |
| Windows Kernel Information Disclosure Vulnerability |
| Windows Authentication Elevation of Privilege Vulnerability |
| Windows Media Remote Code Execution Vulnerability |
| Windows Filtering Platform Elevation of Privilege Vulnerability |
| Windows Media Remote Code Execution Vulnerability |
| Windows GDI Elevation of Privilege Vulnerability |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Microsoft ODBC Driver Remote Code Execution Vulnerability |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
| Windows iSCSI Discovery Service Denial of Service Vulnerability |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
