CVE-2021-3982

MEDIUM Year: 2021
CVSS v3 Score
5.5
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-273
View all →

Vulnerability Description

Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine.

Related Vulnerabilities

CVE-2023-26239

MEDIUM
CVSS:5.5(Medium)

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user...

CWE-2732023

CVE-2021-47129

MEDIUM
CVSS:4.6(Medium)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: skip expectations for confirmed conntrack nft_ct_expect_obj_eval() calls nf_ct_ext_add() for a confirmed conntrac...

CWE-2732021

CVE-2023-52433

MEDIUM
CVSS:4.4(Medium)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before s...

CWE-2732023

CVE-2021-37839

MEDIUM
CVSS:4.3(Medium)

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.

CWE-2732021

CVE-2023-5369

HIGH
CVSS:7.1(High)

Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equival...

CWE-2732023

CVE-2024-25420

HIGH
CVSS:7.2(High)

An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component.

CWE-2732024