Falhas do tipo CWE-269

1.781 resultados
CVE-2023-30601HIGHApache Cassandra: Privilege escalation when enabling FQL/Audit logsEPSS 0.3%CVE-2024-55632HIGHA security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected instalEPSS 0.3%CVE-2024-55631HIGHAn engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installationsEPSS 0.3%CVE-2024-30150MEDIUMAn unauthenticated privilege escalation vulnerability affects HCL MyCloudEPSS 0.3%CVE-2023-25834MEDIUMBUG-000142922 Incomplete permission changes in specific cases.EPSS 0.3%CVE-2023-3513HIGHRazerCentralService Unsafe Deserialization Escalation of PrivilegeEPSS 0.3%CVE-2024-1575MEDIUMThe improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3) and earlier versions could allow an autheEPSS 0.3%CVE-2025-5088HIGHArista CloudVision Exchange (CVX) Cluster Privilege Escalation via MCS Redis SessionEPSS 0.3%CVE-2025-2238HIGHVikinger <= 1.9.30 - Authenticated (Subscriber+) Privilege Escalation via 'vikinger_user_meta_update_ajax'EPSS 0.3%CVE-2024-45919MEDIUMA security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the RequeEPSS 0.3%CVE-2026-11423CRITICALPath Traversal in Altium Enterprise Server Collaboration Service Allows Privilege EscalationEPSS 0.3%CVE-2024-27301HIGHPrivilege Escalation Abusing installer in SupportAppEPSS 0.3%CVE-2025-43333HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to gain root priviEPSS 0.3%CVE-2026-47744CRITICALShopper: Authorization bypass and RBAC privilege escalation in team settingsEPSS 0.3%CVE-2022-30121MEDIUMThe “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executablesEPSS 0.3%CVE-2023-50677HIGHAn issue in NETGEAR-DGND4000 v.1.1.00.15_1.00.15 allows a remote attacker to escalate privileges via the next_file parameter to the /setup.cEPSS 0.3%CVE-2026-29648HIGHIn OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a EPSS 0.3%CVE-2023-52107HIGHVulnerability of permissions being not strictly verified in the WMS module. Successful exploitation of this vulnerability may affect serviceEPSS 0.3%CVE-2022-48515Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentialitEPSS 0.3%CVE-2024-45297MEDIUMPrevent topic list filtering by hidden tags for unauthorized users in DiscourseEPSS 0.3%