Total
2841 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-48365 | 1 Ibexa | 3 Digital Experience Platform, Ez Platform, Ez Platform Kernel | 2025-03-04 | N/A | 7.2 HIGH |
| An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges. | |||||
| CVE-2025-1425 | 2025-03-04 | N/A | N/A | ||
| A Sudo privilege misconfiguration vulnerability in PocketBook InkPad Color 3 on Linux, ARM allows attackers to read file contents on the device.This issue affects InkPad Color 3: U743k3.6.8.3671. | |||||
| CVE-2025-1424 | 2025-03-04 | N/A | N/A | ||
| A privilege escalation vulnerability in PocketBook InkPad Color 3 allows attackers to escalate to root privileges if they gain physical access to the device. This issue affects InkPad Color 3 in version U743k3.6.8.3671. | |||||
| CVE-2024-0819 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2025-03-03 | N/A | 7.3 HIGH |
| Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account. | |||||
| CVE-2023-36765 | 1 Microsoft | 1 Office | 2025-02-28 | N/A | 7.8 HIGH |
| Microsoft Office Elevation of Privilege Vulnerability | |||||
| CVE-2023-36569 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-02-28 | N/A | 8.4 HIGH |
| Microsoft Office Elevation of Privilege Vulnerability | |||||
| CVE-2023-29350 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 7.5 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-44689 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2019 and 2 more | 2025-02-28 | N/A | 7.8 HIGH |
| Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability. | |||||
| CVE-2022-41032 | 2 Fedoraproject, Microsoft | 5 Fedora, .net, .net Core and 2 more | 2025-02-28 | N/A | 7.8 HIGH |
| NuGet Client Elevation of Privilege Vulnerability | |||||
| CVE-2023-38187 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 6.5 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-36024 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 7.1 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-28261 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 5.7 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-31937 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 8.2 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-28339 | 1 Opendoas Project | 1 Opendoas | 2025-02-27 | N/A | 8.8 HIGH |
| OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later. | |||||
| CVE-2025-0893 | 2025-02-27 | N/A | 7.8 HIGH | ||
| Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation vulnerability. | |||||
| CVE-2023-25590 | 2 Arubanetworks, Linux | 2 Clearpass Policy Manager, Linux Kernel | 2025-02-27 | N/A | 7.8 HIGH |
| A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance. | |||||
| CVE-2025-1295 | 2025-02-27 | N/A | 8.8 HIGH | ||
| The Templines Elementor Helper Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.7. This is due to allowing arbitrary user meta updates. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to Administrator. The vulnerability can only be exploited when the BuddyPress plugin is also installed and activated. | |||||
| CVE-2023-27094 | 1 Opengoofy | 1 Hippo4j | 2025-02-26 | N/A | 8.8 HIGH |
| An issue found in OpenGoofy Hippo4j v.1.4.3 allows attackers to escalate privileges via the ThreadPoolController of the tenant Management module. | |||||
| CVE-2024-30150 | 2025-02-25 | N/A | 5.3 MEDIUM | ||
| HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side Request Forgery (SSRF) and Denial of Service(DOS) attacks from unauthenticated users. | |||||
| CVE-2023-28758 | 1 Veritas | 1 Netbackup | 2025-02-25 | N/A | 7.1 HIGH |
| An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing NetBackup log files. | |||||