CWE:
 

Topic
Date
Author
Med.
needrestart Local Privilege Escalation
28.11.2024
Qualys Security Adviso...
Med.
Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download
14.11.2024
Andreas Kolbeck
High
SofaWiki 3.9.2 Shell Upload
25.10.2024
Chokri Hammedi
Med.
ManageEngine ADManager Plus Privilege Escalation
07.10.2024
Metin Yunus Kandemir
High
MD-Pro 1.0.76 Shell Upload / SQL Injection
05.10.2024
Emiliano Febbi
Med.
Nitro PDF Pro Local Privilege Escalation
02.10.2024
Sandro Einfeldt
Med.
Microsoft Windows TOCTOU Local Privilege Escalation
18.09.2024
jheysel-r7
Med.
Vivavis HIGH-LEIT 4 / 5 Privilege Escalation
03.09.2024
Lukas Krieg
Med.
Microsoft Exchange Privilege Escalation
03.09.2024
_dirkjan
High
Open WebUI 0.1.105 File Upload / Path Traversal
12.08.2024
Jaggar Henry
High
Prison Management System 1.0 Shell Upload
26.07.2024
Muhammet Ali Dak
Med.
Bonjour Service mDNSResponder.exe Unquoted Service Path Privilege Escalation
17.07.2024
bios
Med.
SoftMaker Office / FreeOffice Local Privilege Escalation
06.07.2024
Michael Baer
High
Edu-Sharing Arbitrary File Upload
24.06.2024
Kai Zimmermann
High
CMSimple 5.15 Remote Shell Upload
07.06.2024
Ahmet Umit Bayram
High
appRain CMF 4.0.5 Shell Upload
07.06.2024
Ahmet Umit Bayram
Med.
Progress Flowmon 12.3.5 Local sudo Privilege Escalation
02.06.2024
Dave Yesland
Med.
Kemp LoadMaster Local sudo Privilege Escalation
13.05.2024
bwatters-r7
High
Openmediavault Remote Code Execution / Local Privilege Escalation
09.05.2024
Mert BENADAM
Med.
MinIO < 2024-01-31T20-20-33Z Privilege Escalation
14.04.2024
Jenson Zhao
High
Trimble TM4Web 22.2.0 Privilege Escalation / Access Code Disclosure
11.04.2024
Clement Cruchet
High
GUnet OpenEclass E-learning 3.15 File Upload / Command Execution
11.04.2024
Georgios Tsimpidas
High
Wordpress Plugin Membership For WooCommerce < v2.1.7 Arbitrary File Upload to Shell (Unauthenticated)
08.04.2024
Milad Karimi
Med.
Intel PowerGadget 3.6 Local Privilege Escalation
30.03.2024
Julian Horoszkiewicz
Med.
Checkmk Agent 2.0.0 / 2.1.0 / 2.2.0 Local Privilege Escalation
16.03.2024
Michael Baer
High
DataCube3 1.0 Shell Upload
11.03.2024
Samy Younsi
High
Petrol Pump Management Software v1.0 Remote Code Execution via File Upload
03.03.2024
Shubham Pandey
Med.
OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation
22.02.2024
Johannes Volpel
High
Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload
15.02.2024
Andrey Stoykov
Med.
runc 1.1.11 File Descriptor Leak Privilege Escalation
06.02.2024
h00die
High
xbtitFM 4.1.18 SQL Injection / Shell Upload / Traversal
22.01.2024
Who cares anyway
Med.
Traceroute 2.1.2 Privilege Escalation
22.01.2024
g30ff1rl
Med.
cpio 2.13 Privilege Escalation
14.01.2024
Georgi Guninski
Med.
Microsoft SQL Server db_ddladmin Privilege Escalation
14.01.2024
Emad Al-Mousa
Med.
Android DeviceVersionFragment.java Privilege Escalation
14.01.2024
Amirhossein Bahramizad...
High
CMSMS 2.2.19 Arbitrary File Upload
06.01.2024
nu11secur1ty
High
Lot Reservation Management System 1.0 Shell Upload
31.12.2023
Elijah Mandila Syoyi
Med.
Glibc Tunables Privilege Escalation
24.12.2023
Blasty
High
Hospital Management System 4.0 XSS / Shell Upload / SQL Injection
24.12.2023
Louise Ng
High
osCommerce 4.13-60075 Shell Upload
17.12.2023
nu11secur1ty
Med.
Splunk edit_user Capability Privilege Escalation
27.10.2023
Heyder Andrade
High
SugarCRM 13.0.1 Shell Upload
27.10.2023
EgiX
High
Zoo Management System 1.0 Shell Upload
16.10.2023
Cagatay Ceyhan
High
BoidCMS 2.0.0 Shell Upload
10.10.2023
1337kid
High
glibc ld.so Local Privilege Escalation
08.10.2023
Qualys Security Adviso...
Med.
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation
02.10.2023
LiquidWorm
Med.
OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation
25.09.2023
Yasar Klawohn
Med.
Windows Common Log File System Driver (clfs.sys) Privilege Escalation
20.09.2023
Ricardo Narvaja
Med.
TECHView LA5570 Wireless Gateway 1.0.19_T53 Traversal / Privilege Escalation
09.09.2023
The Security Team
High
Soosyze 2.0.0 Arbitrary File Upload
09.09.2023
nu11secur1ty
High
Hyip Rio 2.1 Arbitrary File Upload
04.09.2023
CraCkEr
High
Online ID Generator 1.0 SQL Injection / Shell Upload
31.08.2023
nu11secur1ty
High
SugarCRM 12.2.0 Shell Upload
23.08.2023
EgiX
High
Hyip Rio 2.1 Cross Site Scripting / File Upload
16.08.2023
CraCkEr
High
systemd 246 Local Root Privilege Escalation
11.08.2023
Iyaad Luqman K
Med.
WordPress WP Project Manager 2.6.4 Privilege Escalation
11.08.2023
Chloe Chamberland
Med.
GNOME Files 43.4 Privilege Escalation
08.08.2023
Georgi Guninski
Med.
Webutler 3.2 Shell Upload
05.08.2023
Mirabbas Agalarov
High
Uvdesk 1.1.3 Shell Upload
01.08.2023
Daniel Barros
High
Blackcat CMS 1.4 Shell Upload
21.07.2023
Mirabbas Agalarov
High
Pluck 4.7.18 Remote Shell Upload
21.07.2023
nu11secur1ty
High
Foody Friend 1.0 Arbitrary File Upload / Cross Site Scripting
21.07.2023
CraCkEr
High
Listplace Directory Listing Platform 3.0 File Upload / Cross Site Scripting
21.07.2023
CraCkEr
Med.
Aures Booking And POS Terminal Local Privilege Escalation
19.07.2023
Vulnerability Laborato...
High
WordPress User Registration 3.0.2 Arbitrary File Upload
13.07.2023
Lana Codes
High
POS Codekop 2.0 Shell Upload
05.07.2023
yuyudhn
Med.
WordPress Ultimate Member 2.6.6 Privilege Escalation
30.06.2023
Marc-Alexandre Montpas
Med.
HiSecOS 04.0.01 Privilege Escalation
22.06.2023
dreizehnutters
High
Teachers Record Management System 1.0 File Upload Type Validation
15.06.2023
Affan
High
WordPress Workreap 2.2.2 Shell Upload
13.06.2023
Mohammad Hossein Khana...
Med.
WordPress Theme Workreap 2.2.2 Unauthenticated Upload Leading to Remote Code Execution
10.06.2023
Mohammad Hossein Khana...
Med.
CloudPanel 2.2.2 Privilege Escalation / Path Traversal
07.06.2023
EagleEye
High
unilogies/bumsys v1.0.3 beta Unrestricted File Upload
06.06.2023
AFFAN AHMED
High
Acelle Email Marketing 3.0.15 Arbitrary File Upload
02.06.2023
indoushka
High
Serenity / StartSharp Software File Upload / XSS / User Enumeration / Reusable Tokens
30.05.2023
Fabian Densborn
High
GetSimple CMS 3.3.16 Shell Upload
28.05.2023
Youssef Muhammad
High
Ivanti Avalanche FileStoreConfig Shell Upload
21.05.2023
Shelby Pace
High
Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload
21.05.2023
Fabian Densborn
High
IBM AIX 7.2 inscout Privilege Escalation
20.05.2023
Tim Brown
High
Millhouse-Project 1.414 Shell Upload
13.05.2023
Chokri Hammedi
Med.
GV-Edge Recording Manager 2.2.3.0 Privilege Escalation
08.05.2023
Andrea Intilangelo
High
File Thingie 2.5.7 Shell Upload
08.05.2023
Maurice Fielenbach
High
Wolf CMS 0.8.3.1 Shell Upload
07.05.2023
Ahmet Umit Bayram
Med.
MilleGPG5 5.9.2 Local Privilege Escalation
27.04.2023
Andrea Intilangelo
Med.
AspEmail v5.6.0.2 Local Privilege Escalation
25.04.2023
Zer0FauLT [admindeepse...
Med.
Stonesoft VPN Client 6.2.0 / 6.8.0 Local Privilege Escalation
23.04.2023
TOUHAMI KASBAOUI
High
ProjeQtOr Project Management System 10.3.2 Shell Upload
23.04.2023
Mirabbas Agalarov
Med.
Nokia OneNDS 17 Insecure Permissions / Privilege Escalation
23.04.2023
Valerio Casalino
Med.
Nokia OneNDS 20.9 Insecure Permissions / Privilege Escalation
21.04.2023
Giacomo Sighinolfi
High
KODExplorer 4.49 Cross Site Request Forgery / Shell Upload
21.04.2023
Mr Empy
Med.
Sielco Analog FM Transmitter 2.12 Remote Privilege Escalation
15.04.2023
LiquidWorm
Med.
File Replication Pro 7.5.0 Insecure Permissions / Privilege Escalation
14.04.2023
Andrea Intilangelo
Med.
Bludit 4.0.0-rc-2 Privilege Escalation
11.04.2023
nu11secur1ty
High
Roxy Fileman 1.4.5 Shell Upload
10.04.2023
Zer0FauLT
High
dotclear 2.25.3 Shell Upload
10.04.2023
Mirabbas Agalarov
Med.
Citrix 22.2.1.103 / 23.1.1.11 Local Privilege Escalation
05.04.2023
Touhami Kasbaoui
Med.
Windows 11 10.0.22000 Backup service Privilege Escalation
05.04.2023
nu11secur1ty
High
sudo 1.9.12p1 Privilege Escalation
03.04.2023
n3m1.sys
Med.
Forcepoint (Stonesoft VPN Client) 6.2.0 / 6.8.0 Local Privilege Escalation
02.04.2023
Touhami Kasbaoui
High
Bludit 3-14-1 Shell Upload
02.04.2023
Alperen Ergel

CVEMAP Search Results

CVE
Details
Description
2024-06-15
Waiting for details
CVE-2024-27275
Updating...
 
 
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support. IBM X-Force ID: 285203.

 
2024-05-29
Waiting for details
CVE-2023-42005
Updating...
 
 
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264.

 
2024-03-14
Waiting for details
CVE-2024-22346
Updating...
 
 
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203.

 
2024-03-04
Waiting for details
CVE-2024-22452
Updating...
 
 
Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation.

 
2024-03-01
Waiting for details
CVE-2023-47716
Updating...
 
 
IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656.

 
2024-02-02
Waiting for details
CVE-2023-47142
Updating...
 
 
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267.

 
2024-01-19
Waiting for details
CVE-2023-40683
Updating...
 
 
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005.

 
2023-07-10
Waiting for details
CVE-2023-3599
Updating...
 
 
A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function save_user of the file admin_class.php of the component Add User Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-233450 is the identifier assigned to this vulnerability.

 
2022-09-23
Waiting for details
CVE-2022-35238
Updating...
 
 
Unauthenticated Plugin Settings Change vulnerability in Awesome Filterable Portfolio plugin <= 1.9.7 at WordPress.

 
Waiting for details
CVE-2022-38134
Updating...
 
 
Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.

 

 

Copyright 2025, cxsecurity.com

 

Back to Top