Falhas do tipo CWE-269

1.785 resultados
CVE-2025-4879HIGHCitrix Workspace App for Windows - Local Privilege escalation allows a low-privileged user to gain SYSTEM privilegesEPSS 0.1%CVE-2025-5687HIGHLocal privilege escalation vulnerability in Mozilla VPN clients for macOS v2.27.0 and below.EPSS 0.1%CVE-2026-40002MEDIUMZTE Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations.EPSS 0.1%CVE-2025-24006HIGHPrivilege Escalation via Insecure SSH PermissionsEPSS 0.1%CVE-2026-30902HIGHZoom Clients for Windows - Improper Privilege ManagementEPSS 0.1%CVE-2025-26513HIGHThe installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a vulnerability which when successfully exploited cEPSS 0.1%CVE-2026-28889MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary fileEPSS 0.1%CVE-2025-15547HIGHJail escape by a privileged user via nullfsEPSS 0.1%CVE-2026-12217HIGHDVDFab Virtual Drive Signed Kernel Driver dvdfabio.sys privileges managementEPSS 0.1%CVE-2021-25365MEDIUMAn improper exception control in softsimd prior to SMR APR-2021 Release 1 allows unprivileged applications to access the API in softsimd.EPSS 0.1%CVE-2025-14252HIGHAn Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to read/write arbitrary memory, I/O ports, andEPSS 0.1%CVE-2020-9222HIGHThere is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need EPSS 0.1%CVE-2025-15576HIGHJail chroot escape via fd exchange with a different jailEPSS 0.1%CVE-2024-0024HIGHIn multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input vaEPSS 0.1%CVE-2024-20021MEDIUMIn atf spm, there is a possible way to remap physical memory to virtual memory due to a logic error. This could lead to local escalation of EPSS 0.1%CVE-2025-9038HIGHS1 Agile Privilege EscalationEPSS 0.1%CVE-2024-39342MEDIUMEntrust Instant Financial Issuance (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier uses a DLL library (i.eEPSS 0.1%CVE-2025-9912MEDIUMA local privilege escalation vulnerability in Nokia SR LinuxEPSS 0.1%CVE-2025-43019MEDIUMHP Support Assistant – Potential Escalation of PrivilegeEPSS 0.1%CVE-2025-52347HIGHAn issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 BuEPSS 0.1%