Total
2828 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-47853 | 1 Mahara | 1 Mahara | 2025-09-22 | N/A | 8.8 HIGH |
| An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may utilize escalation of privileges in certain cases when logging into Mahara with Learning Tools Interoperability (LTI). | |||||
| CVE-2025-9038 | 2025-09-22 | N/A | N/A | ||
| Improper Privilege Management vulnerability in GE Vernova S1 Agile Configuration Software on Windows allows Privilege Escalation.This issue affects S1 Agile Configuration Software: 3.1 and previous version. | |||||
| CVE-2025-58432 | 1 Zimaspace | 1 Zimaos | 2025-09-22 | N/A | 7.8 HIGH |
| ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and all prior versions, the /v2_1/files/file/uploadV2 endpoint allows file upload from ANY USER who has access to localhost. File uploads are performed AS ROOT. | |||||
| CVE-2021-42082 | 1 Osnexus | 1 Quantastor | 2025-09-22 | N/A | 7.8 HIGH |
| Local users are able to execute scripts under root privileges. POC On the local host run the following command: curl 'localhost:8154/qstor/qs_upgrade.py?taskId=1&a=;`whoami`' | |||||
| CVE-2025-57396 | 2025-09-19 | N/A | 6.5 MEDIUM | ||
| Tandoor Recipes 2.0.0-alpha-1, fixed in 2.0.0-alpha-2, is vulnerable to privilege escalation. This is due to the rework of the API, which resulted in the User Profile API Endpoint containing two boolean values indicating whether a user is staff or administrative. Consequently, any user can escalate their privileges to the highest level. | |||||
| CVE-2025-54761 | 2025-09-19 | N/A | 8.0 HIGH | ||
| An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie. | |||||
| CVE-2025-34204 | 2025-09-19 | N/A | N/A | ||
| Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) contains multiple Docker containers that run primary application processes (for example PHP workers, Node.js servers and custom binaries) as the root user. This increases the blast radius of a container compromise and enables lateral movement and host compromise when a container is breached. | |||||
| CVE-2025-10650 | 2025-09-19 | N/A | N/A | ||
| SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. | |||||
| CVE-2024-0082 | 2 Microsoft, Nvidia | 2 Windows, Chatrtx | 2025-09-18 | N/A | 8.2 HIGH |
| NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause improper privilege management by sending open file requests to the application. A successful exploit of this vulnerability might lead to local escalation of privileges, information disclosure, and data tampering | |||||
| CVE-2025-57118 | 1 Phpgurukul | 1 Online Library Management System | 2025-09-18 | N/A | 9.8 CRITICAL |
| An issue in PHPGurukul Online-Library-Management-System v3.0 allows an attacker to escalate privileges via the index.php | |||||
| CVE-2024-0097 | 2 Microsoft, Nvidia | 2 Windows, Chatrtx | 2025-09-17 | N/A | 7.5 HIGH |
| NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering. | |||||
| CVE-2024-0096 | 2 Microsoft, Nvidia | 2 Windows, Chatrtx | 2025-09-17 | N/A | 7.5 HIGH |
| NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an improper privilege management issue by sending user inputs to change execution flow. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering. | |||||
| CVE-2025-37123 | 2025-09-17 | N/A | 8.8 HIGH | ||
| A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges. Successful exploitation of this vulnerability may enable the attacker to execute arbitrary system commands with root privileges on the underlying operating system. | |||||
| CVE-2025-34187 | 2025-09-17 | N/A | N/A | ||
| Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads. Execution with sudo grants full root access, resulting in remote privilege escalation and potential system compromise. | |||||
| CVE-2025-43333 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 7.8 HIGH |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to gain root privileges. | |||||
| CVE-2025-34078 | 1 Nsclient | 1 Nsclient\+\+ | 2025-09-17 | N/A | 7.8 HIGH |
| A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file (nsclient.ini) stores the administrative password in plaintext and is readable by local users. By extracting this password, an attacker can authenticate to the NSClient++ web interface (typically accessible on port 8443) and abuse the ExternalScripts plugin to inject and execute arbitrary commands as SYSTEM by registering a custom script, saving the configuration, and triggering it via the API. This behavior is documented but insecure, as the plaintext credential exposure undermines access isolation between local users and administrative functions. | |||||
| CVE-2025-8660 | 1 Broadcom | 1 Symantec Pgp Encryption | 2025-09-16 | N/A | 9.8 CRITICAL |
| Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed. | |||||
| CVE-2024-47770 | 1 Wazuh | 1 Wazuh | 2025-09-16 | N/A | 4.6 MEDIUM |
| Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. This vulnerability occurs when the system has weak privilege access, that allows an attacker to do privilege escalation. In this case the attacker is able to view agent list on Wazuh dashboard with no privilege access. This issue has been addressed in release version 4.9.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-50674 | 1 Openmediavault | 1 Openmediavault | 2025-09-12 | N/A | 7.8 HIGH |
| An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system/user.inc in OpenMediaVault 7.4.17 allowing local authenticated attackers to escalate privileges to root. | |||||
| CVE-2025-55581 | 1 Dlink | 2 Dcs-825l, Dcs-825l Firmware | 2025-09-12 | N/A | 7.3 HIGH |
| D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic. | |||||