Falhas do tipo CWE-269
1.772 resultadosCVE-2023-2833HIGHReviewX <= 1.6.13 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege EscalationEPSS 17.5%CVE-2023-20048CRITICALA vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacEPSS 15.8%CVE-2023-38944CRITICALAn issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01.10_pt allows attackers to bypass the access EPSS 15.5%CVE-2024-5009HIGHWhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation VulnerabilityEPSS 15.0%CVE-2025-47411HIGHApache StreamPipes: Leverage of User ID for Privilege EscalationEPSS 14.8%CVE-2021-1388CRITICALCisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass VulnerabilityEPSS 14.4%CVE-2024-12284HIGHAuthenticated privilege escalationEPSS 11.9%CVE-2025-24286HIGHA vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.EPSS 10.7%CVE-2013-0643HIGHThe Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 anEPSS 10.5%KEVCVE-2025-20282CRITICALCisco ISE API Unauthenticated Remote Code Execution VulnerabilityEPSS 9.8%CVE-2017-7922—An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly rEPSS 9.6%CVE-2024-29976MEDIUM** UNSUPPORTED WHEN ASSIGNED **
The improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 firmware vEPSS 9.0%CVE-2019-1388HIGHAn elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'WinEPSS 8.6%KEVCVE-2025-8489CRITICALKing Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor 24.12.92 - 51.1.14 - Unauthenticated Privilege EscalationEPSS 8.3%CVE-2020-3950HIGHVMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior bEPSS 7.3%KEVCVE-2021-30355—Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privilegeEPSS 6.9%CVE-2023-28434HIGHMinIO is vulnerable to privilege escalation on Linux/MacOSEPSS 6.7%KEVCVE-2023-26600—ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP through 14000, Support Center Plus through 14000, and Asset Explorer throuEPSS 6.3%CVE-2024-38014HIGHWindows Installer Elevation of Privilege VulnerabilityEPSS 6.1%KEVCVE-2022-37706HIGHenlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library funEPSS 5.5%