CWE-250: CWE-250

CVE-2022-21699 is an arbitrary code execution vulnerability in IPython where improper management of cross-user temporary files allows one user to exec...

This vulnerability allows authenticated remote attackers with Administrator read-only credentials to elevate privileges to Administrator with write pr...

CVE-2025-23180 is a privilege escalation vulnerability where software runs with higher privileges than necessary, allowing attackers to gain elevated ...

This vulnerability allows attackers to escalate privileges in kOps clusters using the GCE/GCP provider in gossip mode. Attackers can gain cluster-admi...

This CVE describes a local privilege escalation vulnerability in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that allows authenticat...

GIGABYTE MacroHub has a local privilege escalation vulnerability where authenticated local attackers can execute arbitrary code with SYSTEM privileges...

This vulnerability allows any local Windows user to escalate their privileges to local administrator by directly communicating with the LocalAdminServ...

This vulnerability allows malicious Android apps to launch foreground services while running in the background, bypassing Android's Foreground Service...

This vulnerability allows local attackers with low privileges to escalate to SYSTEM-level privileges by exploiting insufficient binary validation. It ...

This vulnerability in IBM InfoSphere Information Server allows non-root users within a container environment to escalate their privileges to root-leve...

Nagios XI versions before 5.8.7 use insecure permissions on a temporary directory for Highcharts exports, allowing local or co-hosted processes to rea...

This vulnerability in PC Manager allows a local authenticated user to execute arbitrary code with elevated privileges, potentially gaining full system...

This vulnerability allows local users to execute arbitrary commands with elevated privileges by exploiting an unauthorized HTTP API endpoint in Clash ...

This vulnerability allows any user with localhost access to upload files as root on ZimaOS systems. It affects all versions up to 1.4.1, enabling priv...

This vulnerability in BootRom allows local attackers to escalate privileges without needing additional execution permissions. It affects devices with ...

This CVE describes a tapjacking/overlay vulnerability in Android that allows malicious apps to overlay installation confirmation dialogs. This enables...

CVE-2025-33120 is a privilege escalation vulnerability in IBM QRadar SIEM where authenticated users can gain elevated privileges through a misconfigur...

SINEC Traffic Analyzer runs Docker containers without proper isolation controls, allowing attackers to escape container boundaries and access host sys...

This vulnerability in IBM Security Verify Directory Container allows local users to execute arbitrary commands with root privileges due to unnecessary...

This CVE describes a privilege escalation vulnerability in BrightSign digital signage players. Once an attacker gains initial code execution on the de...

A local privilege escalation vulnerability in Lenovo Vantage's BIOS customization feature allows attackers with local access to gain elevated system p...

Dell NativeEdge version 2.1.0.0 contains an execution with unnecessary privileges vulnerability (CWE-250). A low-privileged attacker with local access...

This vulnerability in IBM Security Verify Access Docker allows local users to escalate privileges due to unnecessary privilege execution. It affects I...

This CVE describes a local privilege escalation vulnerability in IBM Storage Scale GUI where an authenticated attacker with command line access to the...

This vulnerability in Cisco SD-WAN vManage software allows authenticated local attackers to gain escalated privileges by exploiting improper path vali...

Dell SmartFabric OS10 Software contains a privilege escalation vulnerability where low-privileged local attackers can execute commands with elevated p...

An untrusted search path vulnerability in B&R APROL's AprolConfigureCCServices allows authenticated local attackers to execute arbitrary code with ele...

A local privilege escalation vulnerability in Siemens SINEC NMS allows attackers to execute operating system commands with SYSTEM privileges. This aff...

This vulnerability in IBM Security Access Manager Docker allows a local user to escalate privileges to root due to improper access controls. It affect...

This CVE describes a local privilege escalation vulnerability in IBM TCP/IP Connectivity Utilities for i on IBM i 7.3, 7.4, and 7.5. An attacker with ...

This CVE describes a local privilege escalation vulnerability in Ivanti Secure Access Client for Windows. It allows authenticated low-privileged users...

CVE-2024-34477 is a local privilege escalation vulnerability in FOG Project's configureNFS function that allows authenticated local users to gain root...

A local privilege escalation vulnerability in ClamXAV's helper tool component allows attackers with local access to gain elevated privileges. This aff...

This CVE allows local attackers with write access to the C drive to escalate privileges to SYSTEM level by exploiting an insecure executable loading m...

A local privilege escalation vulnerability in SICAM TOOLBOX II allows attackers to execute operating system commands with SYSTEM privileges. This affe...

This vulnerability allows a local unprivileged user on Windows systems running QEMU Guest Agent to manipulate the installer's repair custom actions, l...

This CVE describes a local privilege escalation vulnerability in Dell's Advanced Driver Restore component. A local malicious user can exploit this to ...

This vulnerability allows authenticated attackers to escalate privileges to root on Bender/ebee Charge Controllers by exploiting SUID permissions on s...

This CVE describes a local privilege escalation vulnerability in Acronis Windows products where child processes receive excessive permissions. An atta...

This vulnerability in NVIDIA vGPU software allows guest operating systems to execute privileged operations on the host system. It affects organization...

This vulnerability in Cisco SD-WAN Software allows authenticated local attackers to escalate privileges to root by exploiting improper access restrict...

CVE-2021-27454 is a privilege escalation vulnerability in Reason DR60 industrial routers where the software runs with higher privileges than necessary...

A local privilege escalation vulnerability in Avaya Aura Utility Services allows authenticated local users to execute arbitrary scripts with elevated ...

This vulnerability allows an unauthenticated attacker with physical access to a workstation running One Identity Password Manager 5.9.7.1 to escalate ...

IBM i operating systems versions 7.2 through 7.6 contain a database authority check vulnerability that allows unauthorized execution of database proce...

IBM Storage Scale versions 5.2.2.0 and 5.2.2.1 contain an input validation vulnerability that allows authenticated users to execute privileged command...

IBM Db2 12.1.0 through 12.1.3 on Linux, UNIX, and Windows (including Db2 Connect Server) contains a local privilege escalation vulnerability. Under sp...

This vulnerability in Tyler Technologies ERP Pro 9 SaaS allows authenticated users to escape the application sandbox and execute limited operating sys...

CVE-2024-27147 is a local privilege escalation vulnerability in Toshiba printers that allows attackers to gain elevated privileges on affected devices...

Dell Command Monitor versions before 10.12.3.28 contain a privilege escalation vulnerability where local low-privileged users can execute code with un...