Export limit exceeded: 343236 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9040 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-57937 | 2025-01-22 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-12398 | 1 Zyxel | 46 Nwa110ax, Nwa110ax Firmware, Nwa1123acv3 and 43 more | 2025-01-21 | 8.8 High |
| An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device. | ||||
| CVE-2020-15934 | 1 Fortinet | 1 Forticlient | 2025-01-21 | 8.6 High |
| An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by creating a malicious script or program on the target machine. | ||||
| CVE-2023-1694 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-21 | 7.5 High |
| The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2023-1693 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-21 | 7.5 High |
| The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2024-47906 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2025-01-17 | 7.8 High |
| Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges. | ||||
| CVE-2024-8539 | 4 Apple, Ivanti, Linux and 1 more | 4 Macos, Secure Access Client, Linux Kernel and 1 more | 2025-01-17 | 7.1 High |
| Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files. | ||||
| CVE-2024-9842 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2025-01-17 | 7.3 High |
| Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders. | ||||
| CVE-2024-7571 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2025-01-17 | 7.8 High |
| Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | ||||
| CVE-2022-38469 | 1 Ge | 1 Proficy Historian | 2025-01-16 | 7.5 High |
| An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords. | ||||
| CVE-2023-0356 | 1 Socomec | 2 Modulys Gp, Net Vision | 2025-01-16 | 5.7 Medium |
| SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information. | ||||
| CVE-2023-1966 | 1 Illumina | 22 Iscan, Iscan Firmware, Iseq 100 and 19 more | 2025-01-16 | 7.4 High |
| Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges vulnerability. An unauthenticated malicious actor could upload and execute code remotely at the operating system level, which could allow an attacker to change settings, configurations, software, or access sensitive data on the affected product. | ||||
| CVE-2023-41966 | 1 Sielco | 30 Analog Fm Transmitter Exc1000gt, Analog Fm Transmitter Exc1000gt Firmware, Analog Fm Transmitter Exc1000gx and 27 more | 2025-01-16 | 6.5 Medium |
| The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter. | ||||
| CVE-2023-1174 | 2 Apple, Kubernetes | 2 Macos, Minikube | 2025-01-16 | 9.8 Critical |
| This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container. | ||||
| CVE-2023-26280 | 1 Ibm | 1 Jazz Foundation | 2025-01-16 | 5.3 Medium |
| IBM Jazz Foundation 7.0.2 and 7.0.3 could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control. | ||||
| CVE-2020-9222 | 1 Huawei | 1 Fusioncompute | 2025-01-15 | 7 High |
| There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222. | ||||
| CVE-2024-9636 | 2025-01-15 | 9.8 Critical | ||
| The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in versions 2.2.85 to 2.3.3. This is due to the plugin not properly restricting what user meta can be updated during profile registration. This makes it possible for unauthenticated attackers to register on the site as an administrator. | ||||
| CVE-2023-29734 | 1 Mwm | 1 Edjing Mix | 2025-01-14 | 9.8 Critical |
| An issue found in edjing Mix v.7.09.01 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the database. | ||||
| CVE-2024-56447 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-13 | 7.8 High |
| Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-56444 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 7.5 High |
| Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||