Weaknesses of type CWE-269
1,779 resultsCVE-2022-45451HIGHLocal privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber ProtectEPSS 0.5%CVE-2024-29975MEDIUM** UNSUPPORTED WHEN ASSIGNED **
The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versiEPSS 0.5%CVE-2026-2144HIGHMagic Login Mail or QR Code <= 2.05 - Unauthenticated Privilege Escalation via Insecure QR Code File StorageEPSS 0.5%CVE-2025-1295HIGHTemplines Elementor Helper Core <= 2.7 - Authenticated (Subscriber+) Privilege EscalationEPSS 0.5%CVE-2023-22645HIGHkubewarden: Excessive permissions for kubewarden-controller-manager-cluster-roleEPSS 0.5%CVE-2024-28905HIGHMicrosoft Brokering File System Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2020-13776MEDIUMsystemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated byEPSS 0.5%CVE-2024-0003CRITICALA condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the arrayEPSS 0.5%CVE-2026-42609HIGHGrav: Administrative Account Disruption and Privilege De-escalation via User Overwrite LogicEPSS 0.5%CVE-2025-15403CRITICALRegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_orderEPSS 0.5%CVE-2023-28436MEDIUMNon-interactive Tailscale SSH sessions on FreeBSD may use the effective group ID of the tailscaled processEPSS 0.5%CVE-2023-20598HIGH
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gainEPSS 0.5%CVE-2023-36628HIGHPrivilege Escalation in VASAEPSS 0.5%CVE-2024-1138HIGHTIBCO FTL Privilege EscalationEPSS 0.5%CVE-2020-13522HIGHAn exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packEPSS 0.5%CVE-2024-39302LOWSome bbb-record-core files installed with wrong file permissionEPSS 0.5%CVE-2022-1606LOWIncorrect privilege assignment in M-Files ServerEPSS 0.5%CVE-2026-46970HIGHVulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component: Internal Operations). Supported versions that arEPSS 0.5%CVE-2024-2005CRITICALSAML implementation allows privilege escalationEPSS 0.5%CVE-2026-46922HIGHVulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component: Internal Operations). Supported versions that arEPSS 0.5%