Weaknesses of type CWE-273
22 resultsCVE-2024-38813HIGHPrivilege escalation vulnerabilityEPSS 14.6%KEVCVE-2019-18276HIGHAn issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID EPSS 2.6%CVE-2021-36372—Original block tokens are persisted and can be retrievedEPSS 2.4%CVE-2024-25420HIGHAn issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system properEPSS 1.4%CVE-2021-37839—Improper access to dataset metadata informationEPSS 1.1%CVE-2023-34844—Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker container to escape.EPSS 0.8%CVE-2024-8382HIGHInternal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web contEPSS 0.6%CVE-2021-47129MEDIUMnetfilter: nft_ct: skip expectations for confirmed conntrackEPSS 0.5%CVE-2025-27396HIGHA vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit tEPSS 0.4%CVE-2022-0358—A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405EPSS 0.3%CVE-2023-0657LOWKeycloak: impersonation via logout token exchangeEPSS 0.3%CVE-2021-3982—Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permiEPSS 0.3%CVE-2026-44073MEDIUMseteuid failure ignored in auth modulesEPSS 0.3%CVE-2023-52433MEDIUMnetfilter: nft_set_rbtree: skip sync GC for new elements in this transactionEPSS 0.3%CVE-2023-34322HIGHtop-level shadow reference dropped too early for 64-bit PV guestsEPSS 0.2%CVE-2025-1003HIGHHP Anyware Agent for Linux – Potential Authentication BypassEPSS 0.2%CVE-2025-62175MEDIUMMastodon streaming API fails to disconnect disabled and suspended usersEPSS 0.2%CVE-2023-5369—copy_file_range insufficient capability rights checkEPSS 0.2%CVE-2026-21882HIGHtheshit's Improper Privilege Dropping Allows Local Privilege Escalation via Command Re-executionEPSS 0.2%CVE-2023-21246—In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exceptioEPSS 0.2%