Total
2729 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30121 | 1 Ivanti | 1 Endpoint Manager | 2025-05-22 | N/A | 6.7 MEDIUM |
| The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system. | |||||
| CVE-2022-32819 | 1 Apple | 6 Ipad Os, Iphone Os, Mac Os X and 3 more | 2025-05-22 | N/A | 7.8 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges. | |||||
| CVE-2022-32829 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-05-22 | N/A | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32826 | 1 Apple | 6 Ipad Os, Iphone Os, Mac Os X and 3 more | 2025-05-22 | N/A | 7.8 HIGH |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges. | |||||
| CVE-2022-32782 | 1 Apple | 1 Macos | 2025-05-22 | N/A | 4.4 MEDIUM |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4. An app with root privileges may be able to access private information. | |||||
| CVE-2022-32781 | 1 Apple | 4 Ipad Os, Iphone Os, Mac Os X and 1 more | 2025-05-22 | N/A | 4.4 MEDIUM |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8. An app with root privileges may be able to access private information. | |||||
| CVE-2022-32801 | 1 Apple | 1 Macos | 2025-05-22 | N/A | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to gain root privileges. | |||||
| CVE-2022-41604 | 1 Checkpoint | 1 Zonealarm | 2025-05-22 | N/A | 8.8 HIGH |
| Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM. | |||||
| CVE-2019-1007 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2025-05-20 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | |||||
| CVE-2022-41975 | 2 Microsoft, Realvnc | 3 Windows, Vnc Server, Vnc Viewer | 2025-05-20 | N/A | 7.8 HIGH |
| RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode. | |||||
| CVE-2025-27468 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-19 | N/A | 7.0 HIGH |
| Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2023-48902 | 1 Tramyardg | 1 Autoexpress | 2025-05-19 | N/A | 9.8 CRITICAL |
| An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote attackers to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in uploadCarImages.php. | |||||
| CVE-2025-30475 | 2025-05-16 | N/A | 8.1 HIGH | ||
| Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an improper privilege management vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to elevation of privileges. | |||||
| CVE-2024-23764 | 1 Withsecure | 4 Client Security, Elements Endpoint Protection, Email And Server Security and 1 more | 2025-05-15 | N/A | 6.7 MEDIUM |
| Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later. | |||||
| CVE-2024-22239 | 1 Vmware | 1 Aria Operations For Networks | 2025-05-15 | N/A | 5.3 MEDIUM |
| Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access. | |||||
| CVE-2024-22237 | 1 Vmware | 1 Aria Operations For Networks | 2025-05-15 | N/A | 7.8 HIGH |
| Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system. | |||||
| CVE-2022-32931 | 1 Apple | 1 Macos | 2025-05-15 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app with root privileges may be able to access private information. | |||||
| CVE-2025-22220 | 1 Vmware | 2 Aria Operations For Logs, Cloud Foundation | 2025-05-14 | N/A | 4.3 MEDIUM |
| VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user. | |||||
| CVE-2024-38830 | 1 Vmware | 2 Aria Operations, Cloud Foundation | 2025-05-14 | N/A | 7.8 HIGH |
| VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations. | |||||
| CVE-2025-4649 | 2025-05-13 | N/A | 4.9 MEDIUM | ||
| Improper Privilege Management vulnerability in Centreon web allows Privilege Escalation. ACL are not correctly taken into account in the display of the "event logs" page. This page requiring, high privileges, will display all available logs. This issue affects web: from 24.10.3 before 24.10.4, from 24.04.09 before 24.04.10, from 23.10.19 before 23.10.21, from 23.04.24 before 23.04.26. | |||||