CWE-732

Total CVEs: 313
Critical: 41
High: 209
Avg CVSS: 7.7

Yearly Trend

2026: 19
2025: 111
2024: 57
2023: 40
2022: 26

Top Affected Vendors

1. Google: 11
2. Oracle: 11
3. Siemens: 9
4. Apple: 7
5. Nagios: 7
6. IBM: 7
7. Intel: 7
8. SAP: 5
9. Dell: 5
10. Trend Micro: 4

All CWE-732 CVEs (313)

CVE-2025-64699
7.8

This vulnerability allows local attackers to perform unauthorized raw disk operations due to an incorrect NULL DACL in SevenCs ORCA G2's regService pr...

Dec 31, 2025
CVE-2025-13703
7.8

This vulnerability allows local attackers with initial low-privileged access to escalate privileges to SYSTEM level by exploiting incorrect folder per...

Dec 23, 2025
CVE-2025-13733
7.8

BuhoNTFS version 1.3.2 contains an insecure XPC service that allows local, unprivileged users to execute arbitrary code with root privileges. This aff...

Dec 12, 2025
CVE-2025-34323
7.8

This CVE describes a local privilege escalation vulnerability in Nagios Log Server where the 'www-data' user can replace root-owned scripts in a writa...

Nov 17, 2025
CVE-2024-32010
7.8

This vulnerability in Siemens Spectrum Power 4 allows attackers to read database credentials from a world-readable file. With these credentials, attac...

Nov 11, 2025
CVE-2025-34287
7.8

This vulnerability allows attackers with web server privileges (www-data user) to modify a Nagios XI script, leading to arbitrary code execution as th...

Oct 30, 2025
CVE-2025-10751
7.8

MacForge 1.2.0 Beta 1 contains an insecure XPC service that allows local, unprivileged users to escalate privileges to root. This vulnerability enable...

Oct 4, 2025
CVE-2025-10541
7.8

This vulnerability allows local users to escalate privileges to SYSTEM level by placing malicious files in an insecure directory. Any local user on sy...

Sep 25, 2025
CVE-2025-43268
7.8

A permissions vulnerability in macOS allows malicious applications to escalate privileges to root access. This affects macOS systems running versions ...

Aug 29, 2025
CVE-2025-9578
7.8

This CVE describes a local privilege escalation vulnerability in Acronis Cyber Protect Cloud Agent for Windows due to insecure folder permissions. Att...

Aug 28, 2025
CVE-2025-50675
7.8

GPMAW 14 has insecure file permissions in its installation directory, allowing any user with local access to replace the uninstaller executable. When ...

Aug 7, 2025
CVE-2025-27446
7.8

This vulnerability allows a local attacker to exploit incorrect file permissions in Apache APISIX's Java plugin runner to elevate privileges. It affec...

Jul 6, 2025
CVE-2025-2759
7.8

This CVE-2025-2759 vulnerability in GStreamer's installer allows local attackers to escalate privileges by exploiting incorrect folder permissions. At...

May 22, 2025
CVE-2025-40574
7.8

A local privilege escalation vulnerability in Siemens SCALANCE LPE9403 industrial routers allows non-privileged local attackers to interact with the b...

May 13, 2025
CVE-2025-1731
7.8

An incorrect permission assignment vulnerability in PostgreSQL commands in Zyxel USG FLEX H series firewalls allows authenticated local attackers with...

Apr 22, 2025
CVE-2024-13861
7.8

A local privilege escalation vulnerability in Taegis Endpoint Agent on Debian-based Linux systems allows local users to execute arbitrary code with ro...

Apr 11, 2025
CVE-2025-27688
7.8

Dell ThinOS 2408 and earlier versions have an improper permissions vulnerability that allows local low-privileged attackers to elevate their privilege...

Mar 18, 2025
CVE-2025-22454
7.8

This CVE describes a local privilege escalation vulnerability in Ivanti Secure Access Client where insufficient permissions allow authenticated local ...

Mar 11, 2025
CVE-2025-21325
7.8

This vulnerability allows an authenticated attacker to execute arbitrary code with kernel privileges on Windows systems. It affects Windows 10, 11, an...

Jan 17, 2025
CVE-2024-9244
7.8

This vulnerability in Foxit PDF Reader's Update Service allows local attackers to escalate privileges from a low-privileged user to SYSTEM by exploiti...

Nov 22, 2024
CVE-2024-7245
7.8

This vulnerability in Panda Security Dome VPN allows local attackers to escalate privileges from a low-privileged user account to SYSTEM level by expl...

Nov 22, 2024
CVE-2024-47783
7.8

A local privilege escalation vulnerability exists in SIPORT software where improper file permissions allow unprivileged local users to modify service ...

Nov 12, 2024
CVE-2024-22029
7.8

This CVE describes a local privilege escalation vulnerability in Tomcat packaging where insecure file permissions during installation allow local user...

Oct 16, 2024
CVE-2024-38456
7.8

This vulnerability allows non-admin users to exploit weak file and folder permissions in Vivavis HIGH-LEIT software to escalate privileges and execute...

Sep 3, 2024
CVE-2024-5930
7.8

This vulnerability allows local attackers with low-privileged access to escalate privileges to SYSTEM level by exploiting incorrect file permissions i...

Aug 21, 2024
CVE-2024-43199
7.8

This CVE describes a local privilege escalation vulnerability in Nagios NDOUtils where certain executable files are owned by the nagios user instead o...

Aug 7, 2024
CVE-2024-31202
7.8

This vulnerability allows a local attacker to escalate privileges by exploiting incorrect permissions in the ThermoscanIP installation folder. Attacke...

Jul 31, 2024
CVE-2023-5936
7.8

This CVE describes a local privilege escalation vulnerability in Arc software on Unix systems where temporary files are created with unsafe permission...

May 15, 2024
CVE-2023-35841
7.8

This vulnerability in the Phoenix WinFlash Driver allows attackers with local access to escalate privileges by exploiting an exposed IOCTL interface w...

May 14, 2024
CVE-2023-47712
7.8

This vulnerability in IBM Security Guardium allows a local user to gain elevated privileges on the system due to improper permissions control. It affe...

May 14, 2024
CVE-2024-21431
7.8

This vulnerability allows attackers to bypass Hypervisor-Protected Code Integrity (HVCI) security features on Windows systems, potentially enabling th...

Mar 12, 2024
CVE-2024-22016
7.8

This vulnerability allows authorized users in Rapid SCADA to write directly to the Scada directory, potentially enabling privilege escalation. It affe...

Feb 2, 2024
CVE-2023-28134
7.8

CVE-2023-28134 is a local privilege escalation vulnerability in Check Point Harmony Endpoint and ZoneAlarm Extreme Security. An attacker with low-priv...

Nov 12, 2023
CVE-2023-40361
7.8

CVE-2023-40361 is an insecure permissions vulnerability in SECUDOS Qiata (DOMOS OS) where the previewRm.sh cronjob has world-writable permissions. Thi...

Oct 20, 2023
CVE-2022-30527
7.8

CVE-2022-30527 is an improper access control vulnerability in Siemens SINEC NMS where specific folders containing executables and libraries have overl...

Oct 10, 2023
CVE-2023-32162
7.8

This vulnerability allows local attackers with low-privileged access to escalate to SYSTEM privileges by exploiting incorrect file permissions on Waco...

Sep 6, 2023
CVE-2023-28133
7.8

CVE-2023-28133 allows local attackers to escalate privileges on Windows systems running Check Point Endpoint Security Client E87.30 by crafting a mali...

Jul 23, 2023
CVE-2023-30897
7.8

This vulnerability in SIMATIC WinCC allows authenticated local attackers to inject arbitrary code and escalate privileges when the software is install...

Jun 13, 2023
CVE-2023-31871
7.8

CVE-2023-31871 is a privilege escalation vulnerability in OpenText Documentum Content Server where a non-privileged user can exploit the dm_secure_wri...

May 18, 2023
CVE-2023-1135
7.8

This vulnerability in Delta Electronics InfraSuite Device Master allows attackers to set incorrect directory permissions, potentially leading to local...

Mar 27, 2023
CVE-2022-42972
7.8

This vulnerability allows local attackers to escalate privileges by modifying the webroot directory due to incorrect permissions. It affects APC and S...

Feb 1, 2023
CVE-2022-34891
7.8

CVE-2022-34891 is a local privilege escalation vulnerability in Parallels Desktop where incorrect file permissions allow attackers to escalate to root...

Jul 18, 2022
CVE-2021-45492
7.8

This vulnerability allows unprivileged users to escalate privileges to SYSTEM via DLL search-order hijacking in Sage 300 ERP. The installer places a w...

Jul 14, 2022
CVE-2022-20218
7.8

This vulnerability in Android's PermissionController allows malicious apps to obtain and retain permissions without user consent due to a logic error....

Jul 13, 2022
CVE-2022-31464
7.8

This vulnerability in Adaware Protect v1.2.439.4251 allows local attackers to escalate privileges by modifying the service binary path due to insecure...

Jun 16, 2022
CVE-2022-30700
7.8

This vulnerability allows a local attacker with existing low-privileged access to escalate privileges by loading a malicious DLL with incorrect permis...

May 27, 2022
CVE-2022-22960
7.8

This vulnerability allows a malicious actor with local access to VMware Workspace ONE Access, Identity Manager, or vRealize Automation systems to esca...

Apr 13, 2022
CVE-2022-23448
7.8

This vulnerability allows local unprivileged attackers to achieve privilege escalation in Siemens SIMATIC Energy Manager software. By exploiting impro...

Apr 12, 2022
CVE-2022-22516
7.8

The SysDrv3S driver in CODESYS Control runtime system on Windows allows any system user to read and write restricted memory space. This vulnerability ...

Apr 7, 2022
CVE-2022-26250
7.8

Synaman v5.1 and below contains weak file permissions that allow authenticated attackers to escalate privileges. This vulnerability affects organizati...

Apr 6, 2022

About CWE-732

Our database tracks 313 CVEs classified as CWE-732, with 41 rated critical and 209 rated high severity. The average CVSS score for CWE-732 vulnerabilities is 7.7.

External reference: View CWE-732 on MITRE CWE →
