Total
1785 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22331 | 1 Contec | 1 Conprosys Hmi System | 2025-04-03 | N/A | 7.5 HIGH |
| Use of default credentials vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information. | |||||
| CVE-2022-25631 | 1 Broadcom | 1 Symantec Endpoint Protection | 2025-04-03 | N/A | 7.8 HIGH |
| Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated | |||||
| CVE-2024-27210 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
| In policy_check of fvp.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-27222 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
| In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GRANT_URI_PERMISSIONS Attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-27224 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
| In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-27233 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
| In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission bypass due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-22008 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
| In config_gov_time_windows of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-1999-0084 | 1 Sun | 1 Nfs | 2025-04-03 | 7.2 HIGH | 8.4 HIGH |
| Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. | |||||
| CVE-2002-0367 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 7.2 HIGH | 7.8 HIGH |
| smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. | |||||
| CVE-2023-0101 | 1 Tenable | 1 Nessus | 2025-04-02 | N/A | 8.8 HIGH |
| A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host. | |||||
| CVE-2022-38774 | 2 Elastic, Microsoft | 3 Endgame, Endpoint Security, Windows | 2025-04-02 | N/A | 7.8 HIGH |
| An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | |||||
| CVE-2022-38775 | 2 Elastic, Microsoft | 2 Endpoint Security, Windows | 2025-04-02 | N/A | 7.8 HIGH |
| An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | |||||
| CVE-2025-24254 | 2025-04-01 | N/A | 8.8 HIGH | ||
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A user may be able to elevate privileges. | |||||
| CVE-2025-22231 | 2025-04-01 | N/A | 7.8 HIGH | ||
| VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations. | |||||
| CVE-2024-53349 | 1 Linuxfoundation | 1 Kuadrant | 2025-04-01 | N/A | 7.4 HIGH |
| Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's token, leading to escalation of privileges via the secretes component in the k8s cluster | |||||
| CVE-2024-53350 | 1 Kubeslice | 1 Kubeslice | 2025-04-01 | N/A | 7.4 HIGH |
| Insecure permissions in kubeslice v1.3.1 allow attackers to gain access to the service account's token, leading to escalation of privileges. | |||||
| CVE-2022-43997 | 1 Aternity | 1 Aternity | 2025-04-01 | N/A | 7.8 HIGH |
| Incorrect access control in Aternity agent in Riverbed Aternity before 12.1.4.27 allows for local privilege escalation. There is an insufficiently protected handle to the A180AG.exe SYSTEM process with PROCESS_ALL_ACCESS rights. | |||||
| CVE-2024-1138 | 2025-03-28 | N/A | 8.8 HIGH | ||
| The FTL Server component of TIBCO Software Inc.'s TIBCO FTL - Enterprise Edition contains a vulnerability that allows a low privileged attacker with network access to execute a privilege escalation on the affected ftlserver. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Enterprise Edition: versions 6.10.1 and below. | |||||
| CVE-2024-1764 | 1 Devolutions | 1 Devolutions Server | 2025-03-28 | N/A | 7.6 HIGH |
| Improper privilege management in Just-in-time (JIT) elevation module in Devolutions Server 2023.3.14.0 and earlier allows a user to continue using the elevated privilege even after the expiration under specific circumstances | |||||
| CVE-2024-22264 | 2025-03-27 | N/A | 7.2 HIGH | ||
| VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with admin privileges on VMware Avi Load Balancer can create, modify, execute and delete files as a root user on the host system. | |||||