Total
2083 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-1215 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1703 and 13 more | 2025-04-03 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303. | |||||
CVE-2023-22331 | 1 Contec | 1 Conprosys Hmi System | 2025-04-03 | N/A | 7.5 HIGH |
Use of default credentials vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information. | |||||
CVE-2022-25631 | 1 Broadcom | 1 Symantec Endpoint Protection | 2025-04-03 | N/A | 7.8 HIGH |
Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated | |||||
CVE-2024-57062 | 1 Soundcloud | 1 Soundcloud | 2025-04-03 | N/A | 6.7 MEDIUM |
An issue in SoundCloud IOS application v.7.65.2 allows a local attacker to escalate privileges and obtain sensitive information via the session handling component. | |||||
CVE-2024-27207 | 1 Google | 1 Android | 2025-04-03 | N/A | 9.1 CRITICAL |
Exported broadcast receivers allowing malicious apps to bypass broadcast protection. | |||||
CVE-2024-27210 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
In policy_check of fvp.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-27222 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GRANT_URI_PERMISSIONS Attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-27224 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-27233 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission bypass due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-22008 | 1 Google | 1 Android | 2025-04-03 | N/A | 7.8 HIGH |
In config_gov_time_windows of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-25987 | 1 Google | 1 Android | 2025-04-03 | N/A | 6.7 MEDIUM |
In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-25990 | 1 Google | 1 Android | 2025-04-03 | N/A | 6.4 MEDIUM |
In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2025-25872 | 1 Openpanel | 1 Openpanel | 2025-04-03 | N/A | 5.5 MEDIUM |
An issue in Open Panel v.0.3.4 allows a remote attacker to escalate privileges via the Fix Permissions function | |||||
CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2025-04-03 | 2.1 LOW | N/A |
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | |||||
CVE-2002-0367 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 7.2 HIGH | 7.8 HIGH |
smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. | |||||
CVE-2004-1349 | 2 Gnu, Oracle | 2 Gzip, Solaris | 2025-04-03 | 2.1 LOW | N/A |
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. | |||||
CVE-2002-0049 | 1 Microsoft | 1 Exchange Server | 2025-04-03 | 6.4 MEDIUM | N/A |
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. | |||||
CVE-1999-0084 | 1 Sun | 1 Nfs | 2025-04-03 | 7.2 HIGH | 8.4 HIGH |
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. | |||||
CVE-2023-0101 | 1 Tenable | 1 Nessus | 2025-04-02 | N/A | 8.8 HIGH |
A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host. | |||||
CVE-2025-22937 | 2025-04-01 | N/A | 9.8 CRITICAL | ||
An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via unspecified vectors. |