Total
2737 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2025-53003 | 2025-07-03 | N/A | N/A | ||
The Janssen Project is an open-source identity and access management (IAM) platform. Prior to version 1.8.0, the Config API returns results without scope verification. This has a large internal surface attack area that exposes all sorts of information from the IDP including clients, users, scripts ..etc. This issue has been patched in version 1.8.0. A workaround for this vulnerability involves users forking and building the config api, patching it in their system following commit 92eea4d. | |||||
CVE-2025-36630 | 2025-07-03 | N/A | 8.4 HIGH | ||
In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege. | |||||
CVE-2025-6934 | 2025-07-03 | N/A | 9.8 CRITICAL | ||
The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the FullHouse - Real Estate Responsive WordPress Theme, is vulnerable to privilege escalation via in all versions up to, and including, 1.7.5. This is due to a lack of role restriction during registration in the 'on_regiser_user' function. This makes it possible for unauthenticated attackers to arbitrarily choose the role, including the Administrator role, assigned when registering. | |||||
CVE-2025-34078 | 2025-07-03 | N/A | N/A | ||
A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file (nsclient.ini) stores the administrative password in plaintext and is readable by local users. By extracting this password, an attacker can authenticate to the NSClient++ web interface (typically accessible on port 8443) and abuse the ExternalScripts plugin to inject and execute arbitrary commands as SYSTEM by registering a custom script, saving the configuration, and triggering it via the API. This behavior is documented but insecure, as the plaintext credential exposure undermines access isolation between local users and administrative functions. | |||||
CVE-2025-6943 | 2025-07-03 | N/A | 3.8 LOW | ||
Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables. | |||||
CVE-2018-9375 | 1 Google | 1 Android | 2025-07-03 | N/A | 7.8 HIGH |
In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete words in the user dictionary due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-45919 | 1 Solvait | 1 Solvait | 2025-07-03 | N/A | 6.5 MEDIUM |
A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information or approval of fraudulent requests. | |||||
CVE-2024-10273 | 1 Lunary | 1 Lunary | 2025-07-02 | N/A | 6.5 MEDIUM |
In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system. | |||||
CVE-2025-6177 | 1 Google | 1 Chrome Os | 2025-07-02 | N/A | 7.4 HIGH |
Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and potentially others) on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell (VT3 console) accessible through specific key combinations during developer mode entry and MiniOS access, even when developer mode is blocked by device policy or Firmware Write Protect (FWMP). | |||||
CVE-2025-5687 | 1 Mozilla | 1 Vpn | 2025-07-02 | N/A | 7.8 HIGH |
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. *This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.28.0 < (macOS). | |||||
CVE-2025-47849 | 1 Apache | 1 Cloudstack | 2025-07-01 | N/A | 8.8 HIGH |
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and allows the attacker to assume control over higher-privileged user-accounts. A malicious Domain Admin attacker can impersonate an Admin user-account and gain access to sensitive APIs and resources that could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability of infrastructure managed by CloudStack. Users are recommended to upgrade to Apache CloudStack 4.19.3.0 or 4.20.1.0, which fixes the issue with the following: * Strict validation on Role Type hierarchy: the caller's role must be equal to or higher than the target user's role. * API privilege comparison: the caller must possess all privileges of the user they are operating on. * Two new domain-level settings (restricted to the default admin): - role.types.allowed.for.operations.on.accounts.of.same.role.type: Defines which role types are allowed to act on users of the same role type. Default: "Admin, DomainAdmin, ResourceAdmin". - allow.operations.on.users.in.same.account: Allows/disallows user operations within the same account. Default: true. | |||||
CVE-2025-47713 | 1 Apache | 1 Cloudstack | 2025-07-01 | N/A | 8.8 HIGH |
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type. This operation is not appropriately restricted and allows the attacker to assume control over higher-privileged user-accounts. A malicious Domain Admin attacker can impersonate an Admin user-account and gain access to sensitive APIs and resources that could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability of infrastructure managed by CloudStack. Users are recommended to upgrade to Apache CloudStack 4.19.3.0 or 4.20.1.0, which fixes the issue with the following: * Strict validation on Role Type hierarchy: the caller's user-account role must be equal to or higher than the target user-account's role. * API privilege comparison: the caller must possess all privileges of the user they are operating on. * Two new domain-level settings (restricted to the default Admin): - role.types.allowed.for.operations.on.accounts.of.same.role.type: Defines which role types are allowed to act on users of the same role type. Default: "Admin, DomainAdmin, ResourceAdmin". - allow.operations.on.users.in.same.account: Allows/disallows user operations within the same account. Default: true. | |||||
CVE-2023-32559 | 1 Nodejs | 1 Node.js | 2025-07-01 | N/A | 7.5 HIGH |
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. | |||||
CVE-2025-45737 | 2025-06-30 | N/A | 6.5 MEDIUM | ||
An issue in NetEase (Hangzhou) Network Co., Ltd NeacSafe64 Driver before v1.0.0.8 allows attackers to escalate privileges via sending crafted IOCTL commands to the NeacSafe64.sys component. | |||||
CVE-2025-52555 | 2025-06-30 | N/A | 6.5 MEDIUM | ||
Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by chmod 777 a directory owned by root to gain access. The result of this is that a user could read, write and execute to any directory owned by root as long as they chmod 777 it. This impacts confidentiality, integrity, and availability. It is patched in versions 17.2.8, 18.2.5, and 19.2.3. | |||||
CVE-2024-27264 | 1 Ibm | 1 I | 2025-06-30 | N/A | 7.4 HIGH |
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 284563. | |||||
CVE-2024-33775 | 1 Nagios | 1 Nagios Xi | 2025-06-30 | N/A | 9.8 CRITICAL |
An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet. | |||||
CVE-2024-25343 | 1 Tenda | 2 N300, N300 Firmware | 2025-06-30 | N/A | 9.1 CRITICAL |
Tenda N300 F3 router vulnerability allows users to bypass intended security policy and create weak passwords. | |||||
CVE-2025-20282 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Passive Identity Connector | 2025-06-26 | N/A | 10.0 CRITICAL |
A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system. | |||||
CVE-2025-39202 | 2025-06-26 | N/A | 7.3 HIGH | ||
A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with low privileges can see and overwrite files causing information leak and data corruption. |