Fallos del tipo CWE-269
1785 resultadosCVE-2022-42046HIGHwfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalationEPSS 0.5%CVE-2024-33223HIGHAn issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows attackers to escalate privileges and execute EPSS 0.5%CVE-2024-51324LOWAn issue in the BdApiUtil driver of Baidu Antivirus v5.2.3.116083 allows attackers to terminate arbitrary process via executing a BYOVD (BriEPSS 0.5%CVE-2022-45451HIGHLocal privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber ProtectEPSS 0.5%CVE-2026-2144HIGHMagic Login Mail or QR Code <= 2.05 - Unauthenticated Privilege Escalation via Insecure QR Code File StorageEPSS 0.5%CVE-2025-1295HIGHTemplines Elementor Helper Core <= 2.7 - Authenticated (Subscriber+) Privilege EscalationEPSS 0.5%CVE-2024-29975MEDIUM** UNSUPPORTED WHEN ASSIGNED **
The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versiEPSS 0.5%CVE-2023-22645HIGHkubewarden: Excessive permissions for kubewarden-controller-manager-cluster-roleEPSS 0.5%CVE-2024-28905HIGHMicrosoft Brokering File System Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2020-13776MEDIUMsystemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated byEPSS 0.5%CVE-2026-42609HIGHGrav: Administrative Account Disruption and Privilege De-escalation via User Overwrite LogicEPSS 0.5%CVE-2025-15403CRITICALRegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_orderEPSS 0.5%CVE-2023-20598HIGH
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gainEPSS 0.5%CVE-2023-28436MEDIUMNon-interactive Tailscale SSH sessions on FreeBSD may use the effective group ID of the tailscaled processEPSS 0.5%CVE-2023-36628HIGHPrivilege Escalation in VASAEPSS 0.5%CVE-2024-1138HIGHTIBCO FTL Privilege EscalationEPSS 0.5%CVE-2020-13522HIGHAn exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packEPSS 0.5%CVE-2024-39302LOWSome bbb-record-core files installed with wrong file permissionEPSS 0.5%CVE-2022-1606LOWIncorrect privilege assignment in M-Files ServerEPSS 0.5%CVE-2026-46867HIGHVulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Extensibility Framework). SupEPSS 0.5%