Fallos del tipo CWE-269
1779 resultadosCVE-2024-43403HIGHKanister has a potential risk which can be leveraged to make a cluster-level privilege escalationEPSS 0.5%CVE-2021-34487HIGHWindows Event Tracing Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2023-50921CRITICALAn issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the add_user interface in the system module to gain root privEPSS 0.5%CVE-2022-41339HIGHIn Zoho ManageEngine Mobile Device Manager Plus before 10.1.2207.5, the User Administration module allows privilege escalation.EPSS 0.5%CVE-2023-36496HIGHDelegated Admin Virtual Attribute Provider Privilege EscalationEPSS 0.5%CVE-2022-4264MEDIUMIncorrect privilege assignment in M-Files Web ServerEPSS 0.5%CVE-2024-57778HIGHAn issue in Orbe ONetView Roeador Onet-1200 Orbe 1680210096 allows a remote attacker to escalate privileges via the servers response from stEPSS 0.5%CVE-2026-22039CRITICALKyverno Cross-Namespace Privilege Escalation via Policy apiCallEPSS 0.5%CVE-2024-12398HIGHAn improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) anEPSS 0.5%CVE-2024-8100HIGHOn affected versions of the Arista CloudVision Portal (CVP on-prem), the time-bound device onboarding token can be used to gain admin privileges on CloudVision.EPSS 0.5%CVE-2024-25343CRITICALTenda N300 F3 router vulnerability allows users to bypass intended security policy and create weak passwords.EPSS 0.5%CVE-2022-4270LOWIncorrect privilege assignment in M-Files Web ServerEPSS 0.5%CVE-2024-33549HIGHWordPress WZone plugin <= 14.0.10 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2024-33569HIGHWordPress Instant Images plugin <= 6.1.0 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 0.5%CVE-2025-3278CRITICALUrbanGo Membership <= 1.0.4 - Unauthenticated Privilege EscalationEPSS 0.5%CVE-2023-5978—Incorrect libcap_net limitation list manipulationEPSS 0.5%CVE-2022-32907HIGHThis issue was addressed with improved checks. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary coEPSS 0.5%CVE-2025-2232CRITICALRealteo - Real Estate Plugin by Purethemes <= 1.2.8 - Authentication Bypass via 'do_register_user'EPSS 0.5%CVE-2020-13516MEDIUMAn information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406144 functionality of NZXT CAM 4.8.0. A specially craftedEPSS 0.5%CVE-2020-13511MEDIUMAn information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specialEPSS 0.5%