CWE-269: Improper Privilege Management

This vulnerability allows local attackers to escalate privileges to root on affected SINUMERIK industrial control systems. The sc SUID binary contains...

CVE-2022-25636 is a heap out-of-bounds write vulnerability in the Linux kernel's netfilter component that allows local users to escalate privileges to...

Mesa Labs AmegaView versions 3.0 and prior have insecure file permissions that allow local attackers to modify critical files and escalate privileges ...

This vulnerability in Trend Micro Worry-Free Business Security allows a local attacker with low-privileged access to escalate privileges on affected s...

This is a local privilege escalation vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 that allows an attacker with low-privileged ac...

This vulnerability in Kaspersky Password Manager allows attackers to elevate process integrity levels from Medium to High, potentially gaining unautho...

CVE-2021-42285 is a Windows kernel elevation of privilege vulnerability that allows authenticated attackers to gain SYSTEM-level privileges on affecte...

This vulnerability in the Windows Fast FAT File System Driver allows attackers to escalate privileges from a low-privileged user account to SYSTEM lev...

This vulnerability allows an authenticated attacker to gain SYSTEM-level privileges on Windows systems by exploiting a flaw in NTFS file system handli...

CVE-2021-41367 is an NTFS elevation of privilege vulnerability in Windows that allows authenticated attackers to gain SYSTEM-level privileges on affec...

CVE-2021-36957 is an elevation of privilege vulnerability in Windows Desktop Bridge that allows authenticated attackers to execute arbitrary code with...

This vulnerability in HP LaserJet Solution Software allows local attackers to escalate privileges on affected systems. It affects users running vulner...

This vulnerability allows attackers to execute privileged code or commands on Windows systems running vulnerable FortiSIEM agents via PowerShell scrip...

This vulnerability allows a local attacker with low-privileged code execution on affected Trend Micro security products to escalate privileges to high...

This vulnerability allows a local attacker with low-privileged code execution on affected Trend Micro security products to escalate privileges to high...

This vulnerability allows a local attacker with low-privileged code execution on affected Trend Micro security products to escalate privileges via the...

This vulnerability allows a local attacker to elevate privileges on Windows systems by exploiting the AppX Deployment Service. It affects Windows 10, ...

CVE-2021-40489 is an elevation of privilege vulnerability in the Windows Storage Spaces Controller. It allows authenticated attackers to execute arbit...

CVE-2021-40478 is an elevation of privilege vulnerability in the Windows Storage Spaces Controller. It allows authenticated attackers to execute arbit...

This vulnerability in the Windows Common Log File System (CLFS) driver allows attackers to gain SYSTEM-level privileges by exploiting improper access ...

This vulnerability allows local privilege escalation during Zoom Rooms for Windows installation. If the installer runs with elevated privileges (like ...

CVE-2021-36975 is a Win32k elevation of privilege vulnerability in Windows that allows authenticated attackers to execute arbitrary code with SYSTEM p...

This Windows kernel vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges, potentially taking full control o...

CVE-2021-38628 is an elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock, allowing attackers to gain SYSTEM-leve...

This vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by exploiting a flaw in Windows Event Tracing. It...

This vulnerability in the Windows Common Log File System (CLFS) driver allows attackers to gain SYSTEM-level privileges on affected systems. It affect...

This vulnerability in Windows Ancillary Function Driver for WinSock allows attackers to escalate privileges from a low-privileged user account to SYST...

This vulnerability in the Windows Common Log File System (CLFS) driver allows an authenticated attacker to gain SYSTEM privileges by exploiting improp...

This vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges on affected Windows systems. It affects Windows c...

CVE-2021-1853 is a local privilege escalation vulnerability in macOS that allows an attacker with local access to gain elevated system privileges. Thi...

This vulnerability allows an attacker to escalate privileges from an unprivileged process to a privileged one by exploiting a handle management bug in...

This vulnerability allows authenticated attackers to execute arbitrary code with SYSTEM privileges on Windows systems by exploiting the Print Spooler ...

This vulnerability allows an attacker with physical proximity to exploit a flaw in Windows Bluetooth drivers to gain SYSTEM-level privileges on affect...

This CVE describes a local privilege escalation vulnerability in specific Huawei networking products. A local attacker with standard user privileges c...

This vulnerability allows a low-privileged local attacker to execute arbitrary code with SYSTEM privileges by sending a malicious OpenVPN configuratio...

This vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by exploiting a flaw in the Windows File History ...

CVE-2021-34460 is an elevation of privilege vulnerability in the Windows Storage Spaces Controller that allows authenticated attackers to execute arbi...

CVE-2021-33505 is a privilege escalation vulnerability in Falco where a local malicious user can bypass the detection engine by manipulating system ca...

CVE-2021-34514 is a Windows kernel elevation of privilege vulnerability that allows authenticated attackers to execute arbitrary code with SYSTEM priv...

This vulnerability in Samsung's PackageManager allows untrusted applications to obtain dangerous permissions without user confirmation under limited c...

This vulnerability allows local unprivileged users on Windows systems to escalate privileges to SYSTEM level by modifying OpenVPN configuration files....

This vulnerability allows lower-privileged users on ZOLL Defibrillator Dashboard systems to escalate their privileges to administrative level through ...

This vulnerability in Intel's Computing Improvement Program allows authenticated local users to escalate privileges due to incorrect default permissio...

This vulnerability in the Windows Common Log File System (CLFS) driver allows attackers to escalate privileges from a low-privileged user to SYSTEM le...

This vulnerability allows a locally authenticated malicious user to escalate privileges in Spring Framework WebFlux applications by manipulating tempo...

This vulnerability allows attackers to gain unauthorized shell access on Schneider Electric homeLYnk (Wiser For KNX) and spaceLYnk systems by loading ...

CVE-2018-16497 is a local privilege escalation vulnerability in Versa Analytics where cron jobs run as root but execute scripts writable by members of...

This is a privilege escalation vulnerability in QND Advance/Premium/Standard software versions 11.0.4i and earlier. It allows authenticated attackers ...

This vulnerability allows local attackers to escalate privileges on Windows systems by exploiting a flaw in the Container Manager Service. Attackers c...

CVE-2020-27518 is a local privilege escalation vulnerability in Windscribe VPN's WindscribeService component. Attackers with low-privilege access can ...