Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9191 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2022-43759 1 Suse 1 Rancher 2025-03-25 7.2 High
A Improper Privilege Management vulnerability in SUSE Rancher, allows users with access to the escalate verb on PRTBs to escalate permissions for any -promoted resource in any cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10.
CVE-2022-38777 2 Elastic, Microsoft 3 Endgame, Endpoint Security, Windows 2025-03-25 7.8 High
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
CVE-2022-48286 1 Huawei 2 Emui, Harmonyos 2025-03-25 7.5 High
The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2023-21421 1 Samsung 1 Android 2025-03-24 5.9 Medium
Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.
CVE-2024-24402 1 Nagios 1 Nagios Xi 2025-03-24 9.8 Critical
An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component.
CVE-2023-24573 1 Dell 1 Command \| Monitor 2025-03-24 4.7 Medium
Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.
CVE-2023-0759 1 Agentejo 1 Cockpit 2025-03-24 8.8 High
Privilege Chaining in GitHub repository cockpit-hq/cockpit prior to 2.3.8.
CVE-2024-32901 1 Google 1 Android 2025-03-24 7.8 High
In v4l2_smfc_qbuf of smfc-v4l2-ioctls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-26314 3 Iconics, Jungo, Mitsubishielectric 49 Genesis64, Windriver, C Controller Module Setting And Monitoring Tool and 46 more 2025-03-21 7.8 High
Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.
CVE-2024-30542 1 Wpxpo 1 Wholesalex 2025-03-21 9.8 Critical
Improper Privilege Management vulnerability in Wholesale WholesaleX allows Privilege Escalation.This issue affects WholesaleX: from n/a through 1.3.2.
CVE-2024-22235 1 Vmware 2 Aria Operations, Cloud Foundation 2025-03-20 6.7 Medium
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
CVE-2023-2485 1 Gitlab 1 Gitlab 2025-03-20 4.4 Medium
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A malicious maintainer in a project can escalate other users to Owners in that project if they import members from another project that those other users are Owners of.
CVE-2022-27677 1 Amd 1 Ryzen Master 2025-03-19 7.8 High
Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user.
CVE-2024-31315 1 Google 1 Android 2025-03-19 5.3 Medium
In multiple functions of ManagedServices.java, there is a possible way to hide an app with notification access in the Device & app notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2022-42455 1 Asus 1 Armoury Crate 2025-03-19 7.8 High
ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges.
CVE-2023-25011 1 Nec 1 Pc Settings Tool 2025-03-19 7.8 High
PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges.
CVE-2022-42735 1 Apache 1 Shenyu 2025-03-19 8.8 High
Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 .
CVE-2025-26706 1 Zte 1 Goldendb 2025-03-19 5.4 Medium
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.07.
CVE-2025-26705 1 Zte 1 Goldendb 2025-03-19 5.3 Medium
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05.
CVE-2025-26704 1 Zte 1 Goldendb 2025-03-19 6.4 Medium
Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05.