Total
2410 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-43759 | 1 Suse | 1 Rancher | 2025-03-25 | 7.2 High |
| A Improper Privilege Management vulnerability in SUSE Rancher, allows users with access to the escalate verb on PRTBs to escalate permissions for any -promoted resource in any cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10. | ||||
| CVE-2022-38777 | 2 Elastic, Microsoft | 3 Endgame, Endpoint Security, Windows | 2025-03-25 | 7.8 High |
| An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | ||||
| CVE-2023-49232 | 1 Stilog | 1 Visual Planning 8 | 2025-03-25 | 9.8 Critical |
| An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to brute-force the password reset PINs of administrative users. | ||||
| CVE-2024-29667 | 1 Tongtianxing Technology Co Ltd | 1 Cmsv6 | 2025-03-25 | 9.8 Critical |
| SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 through v.7.31.0.3 allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter. | ||||
| CVE-2022-48286 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-25 | 7.5 High |
| The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2023-21421 | 1 Samsung | 1 Android | 2025-03-24 | 5.9 Medium |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN. | ||||
| CVE-2024-24402 | 1 Nagios | 1 Nagios Xi | 2025-03-24 | 9.8 Critical |
| An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component. | ||||
| CVE-2024-26314 | 3 Iconics, Jungo, Mitsubishielectric | 49 Genesis64, Windriver, C Controller Module Setting And Monitoring Tool and 46 more | 2025-03-21 | 7.8 High |
| Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code. | ||||
| CVE-2024-30542 | 1 Wpxpo | 1 Wholesalex | 2025-03-21 | 9.8 Critical |
| Improper Privilege Management vulnerability in Wholesale WholesaleX allows Privilege Escalation.This issue affects WholesaleX: from n/a through 1.3.2. | ||||
| CVE-2024-22235 | 1 Vmware | 2 Aria Operations, Cloud Foundation | 2025-03-20 | 6.7 Medium |
| VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. | ||||
| CVE-2022-27677 | 1 Amd | 1 Ryzen Master | 2025-03-19 | 7.8 High |
| Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user. | ||||
| CVE-2022-42455 | 1 Asus | 1 Armoury Crate | 2025-03-19 | 7.8 High |
| ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges. | ||||
| CVE-2024-23276 | 1 Apple | 1 Macos | 2025-03-19 | 8.4 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | ||||
| CVE-2023-25011 | 1 Nec | 1 Pc Settings Tool | 2025-03-19 | 7.8 High |
| PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges. | ||||
| CVE-2022-42735 | 1 Apache | 1 Shenyu | 2025-03-19 | 8.8 High |
| Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 . | ||||
| CVE-2025-26706 | 1 Zte | 1 Goldendb | 2025-03-19 | 5.4 Medium |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.07. | ||||
| CVE-2025-26705 | 1 Zte | 1 Goldendb | 2025-03-19 | 5.3 Medium |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | ||||
| CVE-2025-26704 | 1 Zte | 1 Goldendb | 2025-03-19 | 6.4 Medium |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | ||||
| CVE-2025-26703 | 1 Zte | 1 Goldendb | 2025-03-19 | 4.3 Medium |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. | ||||
| CVE-2023-37058 | 1 Unionman | 2 Jlink Ax1800, Jlink Ax1800 Firmware | 2025-03-18 | 9.8 Critical |
| Insecure Permissions vulnerability in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted command. | ||||