Weaknesses of type CWE-269
1,780 resultsCVE-2026-6750HIGHPrivilege escalation in the Graphics: WebRender componentEPSS 0.4%CVE-2025-31286MEDIUMAn HTML injection vulnerability previously discovered in Trend Vision One could have allowed a malicious user to execute arbitrary code.
EPSS 0.4%CVE-2026-26416HIGHAn authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privilegeEPSS 0.4%CVE-2023-4976CRITICALFlashBlade Authentication Mechanism VulnerabilityEPSS 0.4%CVE-2025-5954CRITICALService Finder SMS System <= 2.0.0 - Unauthenticated Privilege EscalationEPSS 0.4%CVE-2026-35607HIGHFile Browser: Proxy auth auto-provisioned users inherit Execute permission and CommandsEPSS 0.4%CVE-2024-51392HIGHAn issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php componentEPSS 0.4%CVE-2026-2931HIGHAmelia Booking <= 9.1.2 - Authenticated (Customer+) Insecure Direct Object Reference to Arbitrary User Password ChangeEPSS 0.4%CVE-2021-46894—Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalatioEPSS 0.4%CVE-2026-1993HIGHExactMetrics 7.1.0 - 9.0.2 - Authenticated (Custom) Improper Privilege Management to Role Privilege Escalation via Settings UpdateEPSS 0.4%CVE-2026-44224HIGHWiki.js: Privilege Escalation via Missing Group Validation in users.updateEPSS 0.4%CVE-2024-21121MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are PrioEPSS 0.4%CVE-2020-15797—A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers EPSS 0.4%CVE-2026-22043MEDIUMRustFS has IAM deny_only Short-Circuit that Allows Privilege Escalation via Service Account MintingEPSS 0.4%CVE-2023-2679MEDIUMData leakage in Adobe connector for SPE edition of SLMEPSS 0.4%CVE-2024-36046CRITICALInfoblox NIOS through 8.6.4 executes with more privileges than required.EPSS 0.4%CVE-2023-23629MEDIUMMetabase subject to Improper Privilege ManagementEPSS 0.4%CVE-2024-1973HIGHElevation of privileges vulnerabilityEPSS 0.4%CVE-2022-48286HIGHThe multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect datEPSS 0.4%CVE-2026-1994CRITICALs2Member <= 260127 - Unauthenticated Privilege Escalation via Account TakeoverEPSS 0.4%