Fallos del tipo CWE-269
1785 resultadosCVE-2025-36640HIGHLocal Privilege EscalationEPSS 0.1%CVE-2025-10578MEDIUMHP Support Assistant - Potential Escalation of PrivilegeEPSS 0.1%CVE-2026-7994HIGHInappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level pEPSS 0.1%CVE-2026-32323HIGHMullvad VPN for macOS: Local Privilege Escalation via unverified bundle path in installerEPSS 0.1%CVE-2026-29923HIGHThe pstrip64.sys driver in EnTech Taiwan PowerStrip <=3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL requeEPSS 0.1%CVE-2026-0029HIGHIn __pkvm_init_vm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of EPSS 0.1%CVE-2024-31325HIGHIn multiple locations, there is a possible way to reveal images across users data due to a logic error in the code. This could lead to localEPSS 0.1%CVE-2024-31318HIGHIn CompanionDeviceManagerService.java, there is a possible way to pair a companion device without user acceptance due to a missing permissioEPSS 0.1%CVE-2024-36500HIGHPrivilege escalation vulnerability in the AMS module
Impact: Successful exploitation of this vulnerability may affect service confidentialitEPSS 0.1%CVE-2024-40658HIGHIn getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to EPSS 0.1%CVE-2026-6389HIGHIBM Turbonomic Prometurbo agent used by IBM Turbonomic Application Resource Management is affected by a single vulnerabilityEPSS 0.1%CVE-2021-25363MEDIUMAn improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processEPSS 0.1%CVE-2022-20356MEDIUMIn shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to start foreground service from background due EPSS 0.1%CVE-2024-36499MEDIUMVulnerability of unauthorized screenshot capturing in the WMS module
Impact: Successful exploitation of this vulnerability may affect servicEPSS 0.1%CVE-2021-25513LOWAn improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some dEPSS 0.1%CVE-2023-48406—there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to locaEPSS 0.1%CVE-2024-31322MEDIUMIn updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaininEPSS 0.1%CVE-2024-51521MEDIUMInput parameter verification vulnerability in the background service module
Impact: Successful exploitation of this vulnerability may affectEPSS 0.1%CVE-2025-69875HIGHA vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore pEPSS 0.1%CVE-2024-29741HIGHIn pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation ofEPSS 0.1%