Total
2667 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25631 | 1 Broadcom | 1 Symantec Endpoint Protection | 2025-04-03 | 7.8 High |
| Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated | ||||
| CVE-2024-57062 | 1 Soundcloud | 1 Soundcloud | 2025-04-03 | 6.7 Medium |
| An issue in SoundCloud IOS application v.7.65.2 allows a local attacker to escalate privileges and obtain sensitive information via the session handling component. | ||||
| CVE-2024-27207 | 1 Google | 1 Android | 2025-04-03 | 9.1 Critical |
| Exported broadcast receivers allowing malicious apps to bypass broadcast protection. | ||||
| CVE-2024-27222 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GRANT_URI_PERMISSIONS Attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27233 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission bypass due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-25987 | 1 Google | 1 Android | 2025-04-03 | 6.7 Medium |
| In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-25872 | 1 Openpanel | 1 Openpanel | 2025-04-03 | 5.5 Medium |
| An issue in Open Panel v.0.3.4 allows a remote attacker to escalate privileges via the Fix Permissions function | ||||
| CVE-2023-0101 | 1 Tenable | 1 Nessus | 2025-04-02 | 8.8 High |
| A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. An authenticated attacker could potentially execute a specially crafted file to obtain root or NT AUTHORITY / SYSTEM privileges on the Nessus host. | ||||
| CVE-2022-38774 | 2 Elastic, Microsoft | 3 Endgame, Endpoint Security, Windows | 2025-04-02 | 7.8 High |
| An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | ||||
| CVE-2022-38775 | 2 Elastic, Microsoft | 2 Endpoint Security, Windows | 2025-04-02 | 7.8 High |
| An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | ||||
| CVE-2024-53349 | 1 Linuxfoundation | 1 Kuadrant | 2025-04-01 | 7.4 High |
| Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's token, leading to escalation of privileges via the secretes component in the k8s cluster | ||||
| CVE-2024-53350 | 1 Kubeslice | 1 Kubeslice | 2025-04-01 | 7.4 High |
| Insecure permissions in kubeslice v1.3.1 allow attackers to gain access to the service account's token, leading to escalation of privileges. | ||||
| CVE-2022-43997 | 1 Aternity | 1 Aternity | 2025-04-01 | 7.8 High |
| Incorrect access control in Aternity agent in Riverbed Aternity before 12.1.4.27 allows for local privilege escalation. There is an insufficiently protected handle to the A180AG.exe SYSTEM process with PROCESS_ALL_ACCESS rights. | ||||
| CVE-2024-1764 | 1 Devolutions | 1 Devolutions Server | 2025-03-28 | 7.6 High |
| Improper privilege management in Just-in-time (JIT) elevation module in Devolutions Server 2023.3.14.0 and earlier allows a user to continue using the elevated privilege even after the expiration under specific circumstances | ||||
| CVE-2022-46359 | 1 Hp | 1 Security Manager | 2025-03-28 | 8.8 High |
| Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. | ||||
| CVE-2022-46358 | 1 Hp | 1 Security Manager | 2025-03-28 | 8.8 High |
| Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. | ||||
| CVE-2022-46357 | 1 Hp | 1 Security Manager | 2025-03-28 | 8.8 High |
| Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. | ||||
| CVE-2022-46356 | 1 Hp | 1 Security Manager | 2025-03-28 | 8.8 High |
| Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. | ||||
| CVE-2022-3990 | 1 Hp | 1 Hpsfviewer | 2025-03-28 | 7.8 High |
| HPSFViewer might allow Escalation of Privilege. This potential vulnerability was remediated on July 29th, 2022. Customers who opted for automatic updates should have already received the remediation. | ||||
| CVE-2022-23455 | 1 Hp | 1 Support Assistant | 2025-03-27 | 7.8 High |
| Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files. | ||||