CWE-274: CWE-274

Total CVEs

Critical

High

8.0

Avg CVSS

Yearly Trend

2025

2024

2023

Top Affected Vendors

1 Cisco 2

2 Dell 1

3 Xwiki 1

4 Jupyter 1

All CWE-274 CVEs (6)

CVE-2025-20156

9.9

This vulnerability allows authenticated users with low privileges in Cisco Meeting Management to elevate their privileges to administrator level by ex...

Jan 22, 2025

CVE-2024-0105

8.9

This vulnerability in NVIDIA ConnectX firmware allows attackers with insufficient privileges to trigger improper privilege handling, potentially causi...

Nov 1, 2024

CVE-2024-21648

8.0

CVE-2024-21648 is an authorization bypass vulnerability in XWiki Platform where the rollback action lacks proper permission checks. This allows authen...

Jan 9, 2024

CVE-2022-45101

7.3

CVE-2022-45101 is an improper privilege handling vulnerability in Dell PowerScale OneFS NFS implementation. Remote unauthenticated attackers can explo...

Feb 1, 2023

CVE-2024-41942

7.2

In JupyterHub versions before 4.1.6 and 5.1.0, users granted the admin:users scope can escalate their privileges to become full administrators with un...

Aug 8, 2024

CVE-2025-20177

6.7

This vulnerability allows authenticated local attackers with root-system privileges on Cisco IOS XR devices to bypass image signature verification dur...

Mar 12, 2025

About CWE-274 (CWE-274)

Our database tracks 6 CVEs classified as CWE-274, with 1 rated critical and 4 rated high severity. The average CVSS score for CWE-274 vulnerabilities is 8.0.

External reference: View CWE-274 on MITRE CWE →

Monitor CWE-274 Vulnerabilities

Get alerted when new CWE-274 CVEs affect your infrastructure.

Start Monitoring Free