Total
1818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33640 | 1 Microsoft | 2 Open Management Infrastructure, System Center Operations Manager | 2025-06-05 | N/A | 7.8 HIGH |
| System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | |||||
| CVE-2024-22795 | 1 Forescout | 1 Secureconnector | 2025-06-05 | N/A | 7.0 HIGH |
| Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. | |||||
| CVE-2024-11721 | 1 Dynamiapps | 1 Frontend Admin | 2025-06-05 | N/A | 8.1 HIGH |
| The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5. This is due to insufficient controls on the user role select field when utilizing the 'Role' field in a form. This makes it possible for unauthenticated attackers to create new administrative user accounts, even when the administrative user role has not been provided as an option to the user, granted that unauthenticated users have been provided access to the form. | |||||
| CVE-2022-34706 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-06-04 | N/A | 7.8 HIGH |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | |||||
| CVE-2022-34703 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-06-04 | N/A | 7.8 HIGH |
| Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-27181 | 1 Apache | 1 Linkis | 2025-06-03 | N/A | 8.8 HIGH |
| In Apache Linkis <= 1.5.0, Privilege Escalation in Basic management services where the attacking user is a trusted account allows access to Linkis's Token information. Users are advised to upgrade to version 1.6.0, which fixes this issue. | |||||
| CVE-2024-21888 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2025-06-03 | N/A | 8.8 HIGH |
| A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator. | |||||
| CVE-2025-26396 | 2025-06-02 | N/A | 7.8 HIGH | ||
| The SolarWinds Dameware Mini Remote Control was determined to be affected by Incorrect Permissions Local Privilege Escalation Vulnerability. This vulnerability requires local access and a valid low privilege account to be susceptible to this vulnerability. | |||||
| CVE-2025-0358 | 2025-06-02 | N/A | 8.8 HIGH | ||
| During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges. | |||||
| CVE-2024-51392 | 2025-05-30 | N/A | 8.8 HIGH | ||
| An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component | |||||
| CVE-2025-4636 | 2025-05-30 | N/A | 7.8 HIGH | ||
| Due to excessive privileges granted to the web user running the airpointer web platform, a malicious actor that gains control of the this user would be able to privilege escalate to the root user | |||||
| CVE-2024-28813 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2025-05-30 | N/A | 8.4 HIGH |
| An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface. | |||||
| CVE-2024-40458 | 1 Ocuco | 1 Innovation | 2025-05-30 | N/A | 7.8 HIGH |
| An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets. | |||||
| CVE-2024-40459 | 1 Ocuco | 1 Innovation | 2025-05-30 | N/A | 7.8 HIGH |
| An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a local attacker to escalate privileges via the application manager function | |||||
| CVE-2024-40460 | 1 Ocuco | 1 Innovation | 2025-05-30 | N/A | 7.8 HIGH |
| An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the JOBENTRY.EXE | |||||
| CVE-2024-40461 | 1 Ocuco | 1 Innovation | 2025-05-30 | N/A | 7.8 HIGH |
| An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the STOCKORDERENTRY.EXE component | |||||
| CVE-2024-40462 | 1 Ocuco | 1 Innovation | 2025-05-30 | N/A | 7.8 HIGH |
| An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the SETTINGSVATIGATOR.EXE component | |||||
| CVE-2024-41199 | 1 Ocuco | 1 Innovation | 2025-05-30 | N/A | 7.2 HIGH |
| An issue in Ocuco Innovation - JOBMANAGER.EXE v2.10.24.16 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet. | |||||
| CVE-2023-51356 | 1 Reputeinfosystems | 1 Armember | 2025-05-29 | N/A | 8.8 HIGH |
| Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10. | |||||
| CVE-2023-47837 | 1 Reputeinfosystems | 1 Armember | 2025-05-29 | N/A | 8.3 HIGH |
| Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10. | |||||