Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where admins can invite new members with billing permissions, thereby gaining unauthorized access to billing reso
Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary wit
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog intera
Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with
Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with
CVE-2024-9479
CRITICAL CVSS 10.0
Find Similar
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege Access: before 1.2.
CVE-2024-9478
CRITICAL CVSS 10.0
Find Similar
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege Access: before 1.2.
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper privilege management concerning sudo privileges, C-MOR is vulnerable to a privilege escalation attack. The Linux
An authenticated attacker with high privilege can use functions of SLCM transactions to which access should be restricted. This may result in an escalation of privileges causing low impact on integrit
Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/* endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers ca
CVE-2024-52442
CRITICAL CVSS 9.8
Find Similar
Incorrect Privilege Assignment vulnerability in userplus UserPlus userplus allows Privilege Escalation.This issue affects UserPlus: from n/a through <= 2.0.
Capgo before 12.128.2 contains an authorization bypass vulnerability in the /build/status and /build/logs endpoints that allows attackers to access build jobs belonging to different applications by su
CVE-2025-64063
CRITICAL CVSS 9.8
Find Similar
Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when processing requests. Specifically, a standard user can exploit this flaw by sending direct HTTP requests to
Nagios XI versions prior to 5.7.3 contain a privilege escalation vulnerability in the getprofile.sh helper script. The script performed profile retrieval and initialization routines using insecure fil
Incorrect access control in Software GmbH Agorum core open v11.9.2 & v11.10.1 allows authenticated attackers to escalate privileges to Administrator and access sensitive components and information.
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allo
This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid login ID could exploit t
A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS. An authenticated local user may be able to execute arbitrary code with SYSTEM privileges due to imp
Improper access control for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.