Oracle VirtualBox TFTP Server Directory Traversal Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

TeamViewer Improper Validation of Array Index Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer...

Microsoft Windows User Profile Service Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Profile...

Microsoft Windows EFI Partition Incorrect Authorization Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

Microsoft Windows DirectComposition Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2021-45442

A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security on prem only could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is similar to, but not the same as CVE-2021-44024. Please note: an attacker must first obtain the...

Privilege escalation

A link following privilege escalation vulnerability in Trend Micro Apex One on-prem and SaaS and Trend Micro Worry-Free Business Security 10.0 SP1 and Services could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on th...

Design/Logic Flaw

A link following denial-of-service vulnerability in Trend Micro Apex One on-prem and SaaS and Trend Micro Worry-Free Business Security 10.0 SP1 and Services could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability t...

Design/Logic Flaw

A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security on prem only could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is similar to, but not the same as CVE-2021-44024. Please note: an attacker must first obtain the...

Privilege escalation

A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 on-prem versions only could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. Please note: an attacker must first obtain the...

CVE-2021-45231

A link following privilege escalation vulnerability in Trend Micro Apex One on-prem and SaaS and Trend Micro Worry-Free Business Security 10.0 SP1 and Services could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on th...

Trend Micro Worry-Free Business Security Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Worry-Free Business Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specif...

Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

Microsoft Windows Print Spooler Link Following Privilege Escalation Vulnerability

This vulnerability allows local attackers to escape the low integrity sandbox on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Microsoft Windows tcpip.sys Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the tcpip.sys...

Trend Micro Maximum Security Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exis...

CVE-2021-44020

An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...

CVE-2021-44021

An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...

Authentication flaw

A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service DoS. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit th...