CWE-269: Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control.
All Improper Privilege Management CVEs (802)
This vulnerability in CyberArk Endpoint Privilege Manager Agent allows a local user to escalate privileges by exploiting policy elevation of an Admini...
Feb 3, 2026

A local privilege escalation vulnerability in HPE Aruba Networking VIA client allows authenticated local users to execute arbitrary code with root pri...
Jan 13, 2026

A local privilege escalation vulnerability in DriveLock allows unprivileged Windows users to manipulate DriveLock processes and execute arbitrary comm...
Dec 17, 2025

An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers with local access to read/write arbitrary memory, I/O po...
Dec 16, 2025

A privilege escalation vulnerability in Apple operating systems allows malicious applications to gain elevated privileges. This affects macOS, iOS, an...
Dec 12, 2025

This macOS vulnerability allows malicious applications to bypass launch constraint protections and execute code with elevated privileges. It affects m...
Dec 12, 2025

A local privilege escalation vulnerability in AlgoSec Firewall Analyzer allows authenticated users with command-line access to abuse sudoers file perm...
Dec 9, 2025

This vulnerability in Microsoft Streaming Service allows an authenticated attacker to escalate privileges on a local system. Attackers with standard u...
Nov 11, 2025

This vulnerability in Incus allows unprivileged users with container root access and host access to escalate privileges to root on the host system. It...
Nov 10, 2025

This vulnerability in Veeam Agent for Microsoft Windows allows local attackers to escalate privileges to SYSTEM level by tricking an administrator int...
Oct 31, 2025

This vulnerability allows authenticated Windows users to hijack a repair process in Rockwell Automation's FTLinx software, gaining SYSTEM-level comman...
Oct 14, 2025

This vulnerability allows authenticated Windows users to hijack the repair process of FTLinx's Microsoft Installer File (MSI), gaining a SYSTEM-level ...
Oct 14, 2025

A permissions vulnerability in macOS allows applications to escalate privileges to root level. This affects macOS systems running versions prior to Ta...
Sep 15, 2025

This vulnerability allows a secondary user on an Android device to disable the primary user's deceptive app scanning setting due to a logic error in t...
Sep 4, 2025

This vulnerability allows an application to gain root privileges on affected macOS systems through improper state management. It affects macOS Sequoia...
Jul 30, 2025

This CVE describes a privilege escalation vulnerability in macOS where a malicious application could exploit a logic flaw to gain root privileges. It ...
Jul 30, 2025

CVE-2025-43019 is a local privilege escalation vulnerability in HP Support Assistant that allows authenticated attackers to delete arbitrary files, po...
Jul 8, 2025

CVE-2025-0320 is a local privilege escalation vulnerability in Citrix Secure Access Client for Windows that allows authenticated low-privileged users ...
Jun 17, 2025

A privilege escalation vulnerability in Mozilla VPN on macOS allows a local user to gain root privileges. This affects macOS users running Mozilla VPN...
Jun 11, 2025

This vulnerability in Windows Remote Access Connection Manager allows authenticated attackers to escalate privileges on a local system. Attackers with...
Jun 10, 2025

This vulnerability allows a local attacker with limited privileges to escalate to SYSTEM-level privileges through a vulnerable COM interface in Razer ...
Jun 4, 2025

CVE-2025-4636 is a privilege escalation vulnerability in the airpointer web platform where the web user has excessive privileges. An attacker who comp...
May 30, 2025

A local privilege escalation vulnerability in Ocuco Innovation v.2.10.24.51 allows attackers with local access to gain elevated privileges through the...
May 22, 2025

A local privilege escalation vulnerability in Ocuco Innovation v.2.10.24.51 allows attackers to gain elevated system privileges by exploiting the JOBE...
May 22, 2025

This CVE describes a permissions escalation vulnerability in macOS that allows an application to gain root privileges. It affects macOS Ventura, Sonom...
May 12, 2025

CVE-2025-25230 is a local privilege escalation vulnerability in Omnissa Horizon Client for Windows. An attacker with local access to a system where th...
Apr 16, 2025

CVE-2025-29800 is a local privilege escalation vulnerability in Microsoft AutoUpdate (MAU) that allows authenticated attackers to gain elevated system...
Apr 8, 2025

CVE-2025-22231 is a local privilege escalation vulnerability in VMware Aria Operations. An attacker with local administrative access can elevate privi...
Apr 1, 2025

This CVE describes a local privilege escalation vulnerability in Vasion Print (formerly PrinterLogic) that allows authenticated local users to gain el...
Mar 5, 2025

This vulnerability allows local attackers to escalate privileges on systems running vulnerable versions of Symantec Diagnostic Tool (SymDiag). Attacke...
Feb 19, 2025

This CVE describes an Improper Privilege Management vulnerability in two Schneider Electric services where an attacker with standard user privileges c...
Feb 13, 2025

CVE-2024-11467 is a local privilege escalation vulnerability in Omnissa Horizon Client for macOS that allows authenticated users to gain root privileg...
Feb 4, 2025

A privilege escalation vulnerability in Wondershare Dr.Fone version 13.5.21 allows attackers to replace the ElevationService.exe binary with malicious...
Jan 30, 2025

This vulnerability allows a malicious app to hide its notification access permission in Android Settings, preventing users from revoking it. Attackers...
Jan 21, 2025

CVE-2018-9375 is a confused deputy vulnerability in Android's UserDictionaryProvider that allows malicious apps to add or delete words from the user d...
Jan 17, 2025

This vulnerability in Microsoft AutoUpdate allows local attackers to escalate privileges on affected macOS systems. An authenticated attacker could ex...
Jan 14, 2025

This Windows Installer vulnerability allows authenticated attackers to elevate privileges on affected systems. Attackers could gain SYSTEM-level acces...
Jan 14, 2025

This vulnerability allows attackers to inject malicious dynamic libraries into Bitdefender Virus Scanner on macOS, bypassing Apple's security protecti...
Jan 13, 2025

This vulnerability in SonicOS Cloud NSv allows authenticated low-privileged users to escalate privileges to root, potentially leading to full system c...
Jan 9, 2025

This vulnerability involves improper permission control in the window management module, allowing unauthorized access to sensitive information. It aff...
Jan 8, 2025

This is a local privilege escalation vulnerability in Trend Micro Apex One security software. An attacker with existing low-privileged access on a sys...
Dec 31, 2024

This is a local privilege escalation vulnerability in Huawei smartphones that allows authenticated local attackers to gain elevated privileges. Attack...
Dec 27, 2024

This CVE describes a local privilege escalation vulnerability in the Tuned package. A local non-privileged user can exploit the unauthenticated D-Bus ...
Nov 26, 2024

CVE-2024-38830 is a local privilege escalation vulnerability in VMware Aria Operations. Attackers with local administrative access can exploit this to...
Nov 26, 2024

An improper access control vulnerability in Trend Micro Deep Security Agent 20 allows local attackers to escalate privileges on affected systems. Atta...
Oct 22, 2024

This vulnerability in macOS allows malicious applications to escalate privileges and gain root access. It affects macOS systems before Sequoia 15. Any...
Sep 17, 2024

CVE-2024-29779 is a local privilege escalation vulnerability in Android that allows attackers to gain root privileges without requiring user interacti...
Sep 13, 2024

The Samsung Universal Print Driver for Windows contains a privilege escalation vulnerability that allows attackers to create a reverse shell with elev...
Sep 11, 2024

This CVE describes an improper privilege management vulnerability in Schneider Electric software that allows authenticated non-admin users to escalate...
Sep 11, 2024

This vulnerability in Android's Settings app allows a malicious app to disable other users' apps on multi-user devices through a confused deputy attac...
Sep 11, 2024

About Improper Privilege Management (CWE-269)
Our database tracks 802 CVEs classified as CWE-269, with 166 rated critical and 546 rated high severity. The average CVSS score for Improper Privilege Management vulnerabilities is 8.1.
External reference: CWE-269 on MITRE CWE