Weaknesses of type CWE-269
1,779 resultsCVE-2024-33552CRITICALWordPress XStore Core plugin <= 5.3.8 - Unauthenticated Account Takeover vulnerabilityEPSS 0.6%CVE-2022-34703HIGHWindows Partition Management Driver Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2022-0222HIGHA CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the contEPSS 0.6%CVE-2022-46410HIGHAn issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root byEPSS 0.6%CVE-2023-46145HIGHWordPress Themify Ultra theme <= 7.3.5 - Authenticated Privilege Escalation vulnerabilityEPSS 0.6%CVE-2024-9192HIGHWP Video Robot <= 1.20.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta UpdateEPSS 0.6%CVE-2023-36100—An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameterEPSS 0.6%CVE-2020-13519HIGHA privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088 functionality of NZXT CAM 4.8.0. A specially crafted I/EPSS 0.6%CVE-2022-39007CRITICALThe location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privileEPSS 0.6%CVE-2021-4200MEDIUMWrite access to the Catalog for any user when restricted-admin role is enabledEPSS 0.6%CVE-2024-31498HIGHYubico ykman-gui (aka YubiKey Manager GUI) before 1.2.6 on Windows, when Edge is not used, allows privilege escalation because browser windoEPSS 0.6%CVE-2022-41604HIGHCheck Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissiEPSS 0.6%CVE-2024-7493CRITICALWPCOM Member <= 1.5.2.1 - Unauthenticated Privilege Escalation via User MetaEPSS 0.6%CVE-2024-27710CRITICALAn issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentiEPSS 0.6%CVE-2025-11533CRITICALWP Freeio <= 1.2.21 - Unauthenticated Privilege EscalationEPSS 0.6%CVE-2022-20739HIGHCisco SD-WAN vManage Software Privilege Escalation VulnerabilityEPSS 0.6%CVE-2024-2433MEDIUMPAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability LossEPSS 0.6%CVE-2024-3828HIGHSpectra Pro <= 1.1.5 - Authenticated (Author+) Privilege EscalationEPSS 0.6%CVE-2024-28391CRITICALSQL injection vulnerability in FME Modules quickproducttable module for PrestaShop v.1.2.1 and before, allows a remote attacker to escalate EPSS 0.6%CVE-2024-21892HIGHOn Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running withEPSS 0.6%