Total
1805 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-41715 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2025-05-02 | N/A | 8.8 HIGH |
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel. | |||||
CVE-2024-42774 | 1 Jayesh | 1 Hotel Management System | 2025-04-30 | N/A | 7.5 HIGH |
An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to delete valid hotel room entries in the administrator section. | |||||
CVE-2025-29924 | 1 Xwiki | 1 Xwiki | 2025-04-30 | N/A | 7.5 HIGH |
XWiki Platform is a generic wiki platform. Prior to 15.10.14, 16.4.6, and 16.10.0-rc-1, it's possible for an user to get access to private information through the REST API - but could also be through another API - when a sub wiki is using "Prevent unregistered users to view pages". The vulnerability only affects subwikis, and it only concerns specific right options such as "Prevent unregistered users to view pages". or "Prevent unregistered users to edit pages". It's possible to detect the vulnerability by enabling "Prevent unregistered users to view pages" and then trying to access a page through the REST API without using any credentials. The vulnerability has been patched in XWiki 15.10.14, 16.4.6 and 16.10.0RC1. | |||||
CVE-2022-43308 | 1 Intelbras | 4 Sg 2404 Mr, Sg 2404 Mr Firmware, Sg 2404 Poe and 1 more | 2025-04-30 | N/A | 7.8 HIGH |
INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies. | |||||
CVE-2025-3761 | 2025-04-29 | N/A | 8.8 HIGH | ||
The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.16. This is due to the mt_save_profile() function not appropriately restricting access to unauthorized users to update roles. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to that of an administrator. | |||||
CVE-2025-3101 | 2025-04-29 | N/A | 8.8 HIGH | ||
The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change escalate their privileges to Administrator. | |||||
CVE-2025-2238 | 2025-04-29 | N/A | 8.8 HIGH | ||
The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including, 1.9.30. This is due to insufficient user_meta restrictions in the 'vikinger_user_meta_update_ajax' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate their privileges to Administrator-level. | |||||
CVE-2024-42798 | 1 Lopalopa | 1 Music Management System | 2025-04-28 | N/A | 7.6 HIGH |
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music/index.php?page=edit_user in Kashipara Music Management System v1.0. This allows a low privileged attacker to take over the administrator account. | |||||
CVE-2024-42995 | 1 Vtiger | 1 Vtiger Crm | 2025-04-28 | N/A | 8.3 HIGH |
VTiger CRM <= 8.1.0 does not correctly check user privileges. A low-privileged user can interact directly with the "Migration" administrative module to disable arbitrary modules. | |||||
CVE-2022-46410 | 1 Veritas | 1 Netbackup Flex Scale Appliance | 2025-04-24 | N/A | 8.8 HIGH |
An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands. | |||||
CVE-2022-3641 | 1 Devolutions | 1 Remote Desktop Manager | 2025-04-23 | N/A | 8.8 HIGH |
Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account. | |||||
CVE-2022-42796 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-22 | N/A | 7.8 HIGH |
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges. | |||||
CVE-2024-49742 | 1 Google | 1 Android | 2025-04-22 | N/A | 7.8 HIGH |
In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an app with notification access in Settings due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
CVE-2025-28237 | 2025-04-22 | N/A | 8.8 HIGH | ||
An issue in WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1 allows authenticated attackers to escalate privileges via a crafted JSON payload. | |||||
CVE-2023-41076 | 1 Apple | 1 Macos | 2025-04-21 | N/A | 7.3 HIGH |
An app may be able to elevate privileges. This issue is fixed in macOS 14. This issue was addressed by removing the vulnerable code. | |||||
CVE-2022-42855 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-04-21 | N/A | 7.1 HIGH |
A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to use arbitrary entitlements. | |||||
CVE-2022-42849 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2025-04-21 | N/A | 7.8 HIGH |
An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2, watchOS 9.2. A user may be able to elevate privileges. | |||||
CVE-2017-15055 | 1 Teampass | 1 Teampass | 2025-04-20 | 6.5 MEDIUM | 8.1 HIGH |
TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, edit any item within a read-only directory, delete an arbitrary item, delete the file attachments of an arbitrary item, copy the password of an arbitrary item to the copy/paste buffer, access the history of an arbitrary item, and edit attributes of an arbitrary directory. To exploit the vulnerability, an authenticated attacker must tamper with the requests sent directly, for example by changing the "item_id" parameter when invoking "copy_item" on items.queries.php. | |||||
CVE-2017-7922 | 1 Cambium Networks | 8 Epmp 1000, Epmp 1000 Firmware, Epmp 1000 Hotspot and 5 more | 2025-04-20 | 6.5 MEDIUM | 7.6 HIGH |
An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes. | |||||
CVE-2017-5254 | 1 Cambiumnetworks | 4 Epmp 1000, Epmp 1000 Firmware, Epmp 2000 and 1 more | 2025-04-20 | 9.0 HIGH | 8.8 HIGH |
In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after disabling a client-side protection mechanism. |