Total
2591 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38187 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 6.5 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-36024 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 7.1 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-28261 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 5.7 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-31937 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | N/A | 8.2 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2024-36046 | 2025-02-28 | N/A | 9.8 CRITICAL | ||
| Infoblox NIOS through 8.6.4 executes with more privileges than required. | |||||
| CVE-2024-29741 | 2025-02-27 | N/A | 7.8 HIGH | ||
| In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-28339 | 1 Opendoas Project | 1 Opendoas | 2025-02-27 | N/A | 8.8 HIGH |
| OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later. | |||||
| CVE-2025-0893 | 2025-02-27 | N/A | 7.8 HIGH | ||
| Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation vulnerability. | |||||
| CVE-2023-25590 | 2 Arubanetworks, Linux | 2 Clearpass Policy Manager, Linux Kernel | 2025-02-27 | N/A | 7.8 HIGH |
| A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance. | |||||
| CVE-2025-1295 | 2025-02-27 | N/A | 8.8 HIGH | ||
| The Templines Elementor Helper Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.7. This is due to allowing arbitrary user meta updates. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to Administrator. The vulnerability can only be exploited when the BuddyPress plugin is also installed and activated. | |||||
| CVE-2024-49035 | 1 Microsoft | 1 Partner Center | 2025-02-27 | N/A | 8.7 HIGH |
| An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. | |||||
| CVE-2023-27094 | 1 Opengoofy | 1 Hippo4j | 2025-02-26 | N/A | 8.8 HIGH |
| An issue found in OpenGoofy Hippo4j v.1.4.3 allows attackers to escalate privileges via the ThreadPoolController of the tenant Management module. | |||||
| CVE-2024-30150 | 2025-02-25 | N/A | 5.3 MEDIUM | ||
| HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side Request Forgery (SSRF) and Denial of Service(DOS) attacks from unauthenticated users. | |||||
| CVE-2023-28758 | 1 Veritas | 1 Netbackup | 2025-02-25 | N/A | 7.1 HIGH |
| An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing NetBackup log files. | |||||
| CVE-2023-20995 | 1 Google | 1 Android | 2025-02-25 | N/A | 7.8 HIGH |
| In captureImage of CustomizedSensor.cpp, there is a possible way to bypass the fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-241910279 | |||||
| CVE-2024-13343 | 1 Vanquish | 1 Woocommerce Customers Manager | 2025-02-24 | N/A | 8.8 HIGH |
| The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_assign_new_roles() function in all versions up to, and including, 31.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator. | |||||
| CVE-2022-48353 | 2025-02-24 | N/A | 9.8 CRITICAL | ||
| Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause kernel privilege escalation, which results in system service exceptions. | |||||
| CVE-2024-22341 | 2025-02-22 | N/A | 5.3 MEDIUM | ||
| IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management. | |||||
| CVE-2023-21068 | 1 Google | 1 Android | 2025-02-20 | N/A | 7.8 HIGH |
| In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to local escalation of privilege after preparing the device, hiding the warning, and passing the phone to a new user, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243433344References: N/A | |||||
| CVE-2024-12284 | 2025-02-20 | N/A | N/A | ||
| Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. | |||||