Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
20 results
Incorrect default permissions in some firmware for the Intel(R) Arc(TM) B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged us
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.
CVE-2026-6510
CRITICAL CVSS 9.8
Find Similar
The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This is due to missing nonce verification and capab
Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated u
Improper Access Control in some Intel(R) DSA before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access.
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Ad
Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows the unauthorized creation of internal users without assigning any existing user role, potentially leadi
A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access (VIA) client. Successful exploitation of this vulnerability could allow a local attac
CVE-2025-2947
CRITICAL CVSS 9.8
Find Similar
IBM i 7.6  contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command.  A malicious actor can use the command to elevate privileges to gain root access to the ho
Link Following Local Privilege Escalation Vulnerability in TuneupSvc.exe in AVG TuneUp 24.2.16593.9844 on Windows allows local attackers to escalate privileges and execute arbitrary code in the contex
The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the rp_user_profile() AJAX handler in versions 0.1.0 through 0.3.9. The handler
Improper input validation in the UEFI WheaERST module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high
Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software advers
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.
CVE-2022-3180
CRITICAL CVSS 9.8
Find Similar
The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accoun
In pda, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interac
Incorrect Privilege Assignment vulnerability in Saad Iqbal User Management user-management allows Privilege Escalation.This issue affects User Management: from n/a through <= 1.2.
Missing Authorization vulnerability in blokhauswp Minterpress minterpress allows Privilege Escalation.This issue affects Minterpress: from n/a through <= 1.0.5.
SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could
← Previous Page 5