CWE-269: Improper Privilege Management

This vulnerability in MacVim allows privilege escalation to root via insecure interprocess communication (IPC) using Apple's Distributed Objects. Any ...

This vulnerability allows attackers to bypass factory reset protection on Android devices, potentially gaining unauthorized access to devices that sho...

This vulnerability in Android's Activity Manager allows malicious apps to launch background activities without user interaction due to a logic error. ...

This vulnerability in Android's ActivityStarter component allows malicious apps to launch background activities without user interaction through an un...

CVE-2023-34057 is a local privilege escalation vulnerability in VMware Tools that allows a user with local access to a guest virtual machine to elevat...

CVE-2023-5671 is a privilege escalation vulnerability in HP Print and Scan Doctor for Windows that allows local attackers to gain elevated system priv...

CVE-2023-46277 is a privilege escalation vulnerability in the 'please' (pleaser) sudo alternative tool versions through 0.5.4. It allows local attacke...

This vulnerability in IXP Data Easy Install v.6.6.14884.0 allows a local attacker to escalate privileges using a static XOR key. Attackers with local ...

This vulnerability allows standard Windows users to escalate privileges to SYSTEM level by triggering a software repair process in Qumu Multicast Exte...

This vulnerability in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to escalate privileges via a crafted command to the echo_driver.sy...

This vulnerability allows local attackers to escalate privileges on Windows systems running WatchGuard EPDR 8.0.21.0002. By sending a specially crafte...

This vulnerability allows local privilege escalation on Android devices through an unsafe PendingIntent in the Quick Share functionality. Attackers ca...

This vulnerability in Android's Settings app allows attackers to hide approved notification listeners from the settings interface due to a logic error...

This CVE describes a privilege escalation vulnerability in macOS where a malicious application could exploit a logic issue to gain root privileges. It...

This CVE describes a local privilege escalation vulnerability in Acronis products for Windows. It allows a local low-privileged user to gain SYSTEM-le...

This CVE describes a local privilege escalation vulnerability in Acronis products for Windows. It allows a local attacker with low privileges to gain ...

Dell PowerScale OneFS versions 8.2.x through 9.5.0.x contain a local privilege escalation vulnerability. A low-privileged local attacker could exploit...

This Android vulnerability allows malicious apps to launch activities into Picture-in-Picture (PiP) mode from the background by bypassing background a...

This vulnerability in ESET security software allows attackers to abuse file operations during module updates to delete or move files without proper pe...

This vulnerability allows non-privileged users to escalate their privileges to root by manipulating passwords or other variables through specific comm...

This vulnerability allows local attackers to escalate privileges to SYSTEM level on Windows systems running vulnerable versions of RazerCentral. Attac...

This vulnerability in Trend Micro Apex One and Apex One as a Service allows a local attacker with low-privileged code execution to escalate privileges...

This vulnerability in Trend Micro Apex One and Apex One as a Service allows a local attacker with low-privileged code execution to escalate privileges...

This vulnerability allows users with JMX access to escalate privileges and execute arbitrary commands as the Apache Cassandra service account when ena...

This vulnerability allows attackers to modify the AppUpgrade binary file in Hyundai Gen5W_L in-vehicle infotainment systems to bypass firmware version...

This vulnerability in Oracle VM VirtualBox allows a low-privileged attacker with local access to the host system to potentially compromise the Virtual...

This vulnerability in Ego Studio SuperClean allows attackers to escalate privileges by manipulating the update_info field in the _default_.xml file. I...

This vulnerability allows local privilege escalation in Acuant AcuFill SDK installations. During installation, the software executes an EXE from C:\Wi...

This vulnerability allows bypassing fingerprint authentication on Android 13 devices due to a logic error in the CustomizedSensor.cpp file. An attacke...

This Windows vulnerability allows an authenticated attacker to gain SYSTEM-level privileges by exploiting improper handling of account picture changes...

This vulnerability allows local privilege escalation when users run 'systemctl status' via Sudo in certain configurations. Attackers can escape from t...

This vulnerability allows low-privileged users to modify files during AMD Ryzen Master installation, potentially leading to privilege escalation and a...

This vulnerability in ASUS EC Tool driver allows local users to gain elevated privileges by exploiting unprivileged IOCTL calls that provide raw read/...

This vulnerability allows a standard user to write to the Windows registry with administrator privileges through NEC's PC settings tool. Attackers can...

CVE-2022-38777 is a privilege escalation vulnerability in Elastic Endpoint Security for Windows. Unprivileged users can exploit the rollback feature t...

CVE-2020-24307 is a privilege escalation vulnerability in mRemoteNG v1.76.20 that allows attackers to execute arbitrary code with elevated privileges ...

CVE-2022-3990 is a privilege escalation vulnerability in HPSFViewer that could allow attackers to gain elevated privileges on affected systems. It aff...

This CVE describes vulnerabilities in HP PC BIOS/UEFI firmware that could allow attackers to execute arbitrary code with high privileges. Affected sys...

This CVE describes a BIOS firmware vulnerability in certain HP Workstation products that could allow local attackers to execute arbitrary code with el...

This CVE describes a local privilege escalation vulnerability in Zyxel firewall CLI commands where a local attacker can execute OS commands with root ...

This CVE describes a local privilege escalation vulnerability in EagleGet Downloader's update service. Authenticated non-administrative users can expl...

This vulnerability in CyberLink Power Director v14 allows attackers to execute arbitrary code with elevated privileges by tricking users into opening ...

CVE-2022-23743 is a local privilege escalation vulnerability in Check Point ZoneAlarm security software. It allows a local attacker to execute arbitra...

This vulnerability allows a user logged into the Guest account on Android devices to enable NFC functionality without proper permissions. It enables l...

This vulnerability allows local attackers to modify the PLMN SIM file without proper permission checks, potentially enabling privilege escalation on a...

CVE-2021-39784 is a local privilege escalation vulnerability in Android's CellBroadcastReceiver component. It allows attackers to enable specific cell...

This Windows Installer vulnerability allows authenticated attackers to gain SYSTEM privileges by exploiting improper handling of file operations durin...

This vulnerability allows local attackers to escalate privileges to root on affected SINUMERIK industrial control systems. The sc SUID binary contains...

CVE-2022-25636 is a heap out-of-bounds write vulnerability in the Linux kernel's netfilter component that allows local users to escalate privileges to...

Mesa Labs AmegaView versions 3.0 and prior have insecure file permissions that allow local attackers to modify critical files and escalate privileges ...