CWE-269: Improper Privilege Management

This vulnerability in Android's Settings app allows a malicious app to disable other users' apps on multi-user devices through a confused deputy attac...

This vulnerability in Android's Uri.java allows attackers to craft malformed Uri objects due to improper input validation, potentially leading to loca...

This CVE describes a local privilege escalation vulnerability in macOS that allows an attacker with existing local access to elevate their privileges ...

This CVE describes a local privilege escalation vulnerability in macOS that allows an attacker with existing local access to gain elevated privileges....

This is a privilege escalation vulnerability in Apple operating systems where an application can execute arbitrary code with kernel privileges due to ...

This vulnerability allows unprivileged users to execute privileged operations through D-Bus methods in Deepin's dde-file-manager. It affects Deepin Li...

CVE-2024-6677 is a privilege escalation vulnerability in uberAgent that allows authenticated users to gain elevated privileges on affected systems. Th...

This vulnerability allows a low-privileged local user on Windows systems running Citrix Virtual Delivery Agent to escalate privileges to SYSTEM level....

CVE-2024-6286 is a local privilege escalation vulnerability in Citrix Workspace app for Windows that allows authenticated low-privileged users to gain...

This vulnerability allows local privilege escalation in Android's kernel due to a logic error in device memory management. An attacker could execute a...

This vulnerability allows a malicious Android app to hide from device Settings while retaining Accessibility Service permissions, enabling local privi...

CVE-2024-23711 is a kernel-level vulnerability in Android's device memory management that allows local privilege escalation without user interaction. ...

This CVE describes a confused deputy vulnerability in Android that allows local privilege escalation without user interaction. Attackers can bypass pe...

This vulnerability in Jungo WinDriver allows local attackers to escalate privileges and execute arbitrary code due to improper privilege management. I...

This vulnerability in Jungo WinDriver allows local attackers to escalate privileges, execute arbitrary code, or cause denial of service due to imprope...

This vulnerability in Jungo WinDriver allows local attackers to escalate privileges and execute arbitrary code due to improper privilege management. I...

This vulnerability in Jamf Compliance Editor's XPC service allows local attackers to escalate privileges on macOS systems. Attackers can gain root acc...

This CVE describes a privilege escalation vulnerability in Huawei's AMS module that allows attackers to gain elevated privileges on affected systems. ...

This vulnerability in SiSoftware SANDRA's kernel driver allows local attackers to escalate privileges by sending a crafted buffer via DeviceIoControl....

This vulnerability in TeraByte Unlimited Image for Windows allows a local attacker to escalate privileges through the TBOFLHelper64.sys and TBOFLHelpe...

A local privilege escalation vulnerability in Panoramic Corporation Digital Imaging Software allows attackers with local access to elevate privileges ...

This vulnerability in Android's NotificationManagerService allows local privilege escalation without user interaction due to improper input validation...

This vulnerability in Android's UserManagerService allows local attackers to bypass user restrictions through improper input validation, potentially e...

This Android vulnerability allows a malicious app to execute arbitrary code with privileged app permissions due to a logic error in package installati...

This vulnerability allows attackers to disable the anti-tampering protection in Zscaler Client Connector when an uninstall password is configured. Thi...

This vulnerability allows unprivileged attackers to escalate privileges by restoring a crafted DLL file into the SUPERAntiSpyware installation directo...

This vulnerability in Oracle Solaris 11 allows a low-privileged local attacker to potentially compromise the entire system, leading to complete takeov...

CVE-2024-29052 is a Windows Storage Elevation of Privilege Vulnerability that allows authenticated attackers to gain SYSTEM-level privileges on affect...

This vulnerability allows an authenticated attacker to exploit the Microsoft Brokering File System to gain SYSTEM-level privileges on Windows systems....

This vulnerability in the Atos Eviden CardOS API Windows installer allows local privilege escalation from a regular user account to SYSTEM-level acces...

This vulnerability allows local privilege escalation on affected Android devices due to uninitialized data in the ppcfw_init_secpolicy function. Attac...

This vulnerability in Android's strncpy function allows local privilege escalation without user interaction. Attackers can exploit a missing bounds ch...

CVE-2024-22008 is an out-of-bounds write vulnerability in the config_gov_time_windows function of tmu.c in Android's kernel. This allows local attacke...

This vulnerability allows local privilege escalation on Android devices by bypassing carrier restrictions during package installation. Attackers can e...

This CVE describes a privilege escalation vulnerability in macOS where a malicious application could exploit a logic issue to gain elevated system pri...

A privilege escalation vulnerability in Thales SafeNet Sentinel HASP LDK installer on Windows allows local attackers to gain elevated system privilege...

A local privilege escalation vulnerability in Thales SafeNet Authentication Client for Windows allows attackers with local access to elevate their pri...

This vulnerability allows malicious apps to launch activities from the background without user interaction, bypassing Android's background activity la...

This CVE describes a local privilege escalation vulnerability in ESET Windows products where an attacker could misuse file operations to delete files ...

This CVE describes a local privilege escalation vulnerability in VMware Aria Operations for Networks. Console users with existing access can exploit t...

A privilege elevation vulnerability in Telerik Test Studio installer allows lower-privileged users to manipulate installation packages and gain elevat...

This CVE describes a privilege escalation vulnerability in Telerik JustDecompile's installer component. Attackers with local access can manipulate ins...

A local privilege escalation vulnerability in Trend Micro Apex One's plug-in manager allows attackers with initial low-privileged access to elevate th...

This vulnerability in Sandbox Accounts for Events allows authenticated users to access sensitive event data by sending crafted requests to the events ...

This vulnerability in BeyondTrust Privilege Management for Windows allows attackers to steal security tokens when the 'Add Admin' token is configured ...

This vulnerability allows local attackers to bypass System Management Mode (SMM) protections on affected AMD processors, potentially enabling privileg...

A local privilege escalation vulnerability in Telit Cinterion cellular modules allows low-privileged attackers to gain manufacturer-level privileges. ...

This vulnerability in MacVim allows privilege escalation to root via insecure interprocess communication (IPC) using Apple's Distributed Objects. Any ...

This vulnerability allows attackers to bypass factory reset protection on Android devices, potentially gaining unauthorized access to devices that sho...

This vulnerability in Android's Activity Manager allows malicious apps to launch background activities without user interaction due to a logic error. ...