CWE-276: CWE-276

This is a privilege escalation vulnerability in Apple operating systems that allows a local user to gain elevated privileges. It affects iOS, iPadOS, ...

The Atera Agent on Windows creates temporary files in directories with insecure permissions, allowing local attackers to write arbitrary files. This a...

This vulnerability allows users with hacluster group access on openSUSE Tumbleweed systems to escalate privileges to root due to incorrect default per...

This vulnerability allows an attacker to bypass the Android Setup Wizard through a logic error in USB accessory handling, potentially gaining elevated...

This vulnerability allows a low-privileged local attacker on Windows systems with Cisco AnyConnect or Secure Client to elevate privileges to SYSTEM le...

This CVE describes a privilege escalation vulnerability in macOS where a malicious application could exploit a logic flaw to gain root privileges. It ...

This CVE describes a privilege escalation vulnerability in iTunes for Windows where a malicious application could exploit a logic flaw to gain elevate...

This vulnerability affects HPE MC990 X and UV300 RMC components with inadequate default configurations, allowing attackers to escalate privileges on a...

This Android vulnerability allows malicious apps to launch activities while in the background, bypassing normal restrictions. It enables local privile...

This vulnerability allows unprivileged local users to escalate their privileges to SYSTEM level on Windows systems. It affects Foxit PDF Reader and Ed...

This vulnerability allows low-privileged Sage 300 workstation users to access and modify credentials stored in the SharedData folder on connected serv...

CVE-2021-41614 is a privilege escalation vulnerability in the OpenRISC mor1kx processor controller unit where user programs from unauthorized privileg...

This vulnerability allows a local attacker with shell access and low privileges to modify system files or execute commands as root due to improper fil...

Dell PowerScale OneFS versions 8.2.x through 9.5.0.x contain a local privilege escalation vulnerability. A low-privileged local attacker could exploit...

This vulnerability allows local attackers with access to the _rmt user account to escalate privileges to root due to incorrect default permissions in ...

CVE-2022-23454 is a set of vulnerabilities in HP Support Assistant that could allow attackers to escalate privileges, compromise system integrity, com...

This vulnerability allows malicious apps to execute code with shell user privileges when wireless debugging is enabled on Android devices, due to a mi...

CVE-2021-39780 allows attackers to bypass developer settings requirements for capturing system traces in Android 12L due to a missing permission check...

This vulnerability allows local attackers to bypass Bluetooth permission checks on Android devices, potentially gaining elevated privileges without us...

This vulnerability in Intel Quartus Prime Pro Edition allows authenticated local users to escalate privileges due to improper file permissions. Attack...

This vulnerability in Intel Advisor installer versions before 2021.4.0 sets incorrect default file permissions during installation, allowing authentic...

This vulnerability allows local attackers to escalate privileges by exploiting incorrect default permissions on the base installation directory. It af...

This vulnerability allows local attackers to escalate privileges to SYSTEM authority on Windows systems running Advantech R-SeeNet 2.4.15 by replacing...

This vulnerability in the Automox Agent on Windows allows local privilege escalation due to incorrect permissions on a temporary directory. An attacke...

CVE-2021-42711 is a local privilege escalation vulnerability in Barracuda Network Access Client where an unprivileged user can create a temporary file...

This vulnerability allows authenticated local users to escalate privileges due to incorrect default permissions in Intel VTune Profiler installer. It ...

This vulnerability allows authenticated local users to escalate privileges due to incorrect default permissions in the Intel oneAPI Rendering Toolkit ...

This vulnerability in Intel Thunderbolt non-DCH driver installer for Windows allows authenticated local users to escalate privileges due to improper p...

This vulnerability allows authenticated local users to escalate privileges on Intel NUC M15 Laptop Kit systems due to incorrect default permissions in...

This vulnerability allows authenticated local users to escalate privileges on affected Intel NUC systems due to incorrect default permissions in the H...

This vulnerability allows authenticated local users to escalate privileges on Intel NUC M15 Laptop Kit systems due to incorrect default permissions in...

This vulnerability allows a local attacker to escalate privileges to SYSTEM level on Windows systems by exploiting incorrect default permissions in Bi...

A permission issue in the Cohesity Linux agent allows local privilege escalation. An underprivileged Linux user can gain additional privileges if cert...

This vulnerability allows local privilege escalation in Trend Micro security products. An attacker with low-privileged code execution can modify scrip...

This vulnerability in Intel Optane DC Persistent Memory for Windows software allows authenticated local users to escalate privileges due to incorrect ...

This CVE describes a local privilege escalation vulnerability in the Guild Wars 2 game launcher where an authenticated user can replace the executable...

CVE-2021-27032 is a privilege escalation vulnerability in Autodesk Licensing Installer where weak service permissions allow any local user to modify s...

This vulnerability allows local attackers in the vboxusers group on openSUSE systems to escalate privileges to root due to incorrect default permissio...

This vulnerability in IBM Spectrum Protect Client allows a local user to escalate privileges to SYSTEM/root level due to insecure directory permission...

This CVE describes a local privilege escalation vulnerability in Dream Report 5 R20-2 where attackers can replace the Syncfusion Dashboard Service bin...

This CVE describes a privilege escalation vulnerability in Dream Report 5 R20-2 where weak permissions on COM Class Identifiers allow attackers to exe...

This vulnerability allows local attackers to escalate privileges to NT SYSTEM level by exploiting insecure file permissions in Advantech WebAccess/SCA...

This vulnerability allows local attackers to escalate privileges on systems running Sytech XL Reporter v14.0.1 by exploiting weak file system permissi...

This vulnerability allows local attackers to escalate privileges on systems running vulnerable versions of Atlassian Bitbucket Server and Data Center ...

This vulnerability allows local attackers to escalate privileges on systems running Win-911 Enterprise V4.20.13 by exploiting weak file system permiss...

A local privilege escalation vulnerability in Windows software allows low-privileged users to corrupt sensitive data. The vulnerability exists because...

Faronics WINSelect stores its encrypted configuration file with overly permissive 'Everyone' read/write permissions, allowing any local user to modify...

This CVE describes a local privilege escalation vulnerability in Toshiba printers that allows attackers to replace legitimate programs with malicious ...

This vulnerability in ZTE AndroidTV set-top boxes allows non-privileged applications to bypass permission controls and execute protected functions. At...

Keyfactor Command versions before 12.5.0 have an incorrect access control vulnerability where access tokens are over-permissioned, allowing users to p...