Search Results (9508 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-39579 1 Dell 1 Powerscale Onefs 2026-02-20 6.7 Medium
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.
CVE-2023-32490 1 Dell 1 Powerscale Onefs 2026-02-20 6.7 Medium
Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover.
CVE-2024-37134 1 Dell 1 Powerscale Onefs 2026-02-20 6.7 Medium
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.
CVE-2021-21567 1 Dell 1 Powerscale Onefs 2026-02-20 7.8 High
Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege.
CVE-2023-32487 1 Dell 1 Powerscale Onefs 2026-02-20 7.8 High
Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure.
CVE-2025-64487 1 Getoutline 1 Outline 2026-02-20 7.6 High
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in 1.1.0.
CVE-2025-47955 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-20 7.8 High
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-33067 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2026-02-20 8.4 High
Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
CVE-2024-50619 1 Cipplanner 1 Cipace 2026-02-13 8.8 High
Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. A low-privileged authenticated user can gain access to other people's accounts by tampering with the client's user id to change their account information. A low-privileged authenticated user can elevate his or her system privileges by modifying the information of a user role that is disabled in the client.
CVE-2025-21360 1 Microsoft 1 Autoupdate 2026-02-13 7.8 High
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVE-2025-21343 1 Microsoft 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more 2026-02-13 7.5 High
Windows Web Threat Defense User Service Information Disclosure Vulnerability
CVE-2025-21287 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 7.8 High
Windows Installer Elevation of Privilege Vulnerability
CVE-2025-21199 1 Microsoft 3 Azure Agent, Azure Agent For Backup, Azure Agent For Site Recovery 2026-02-13 6.7 Medium
Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-24070 2 Microsoft, Redhat 4 Asp.net Core, Visual Studio 2022, Enterprise Linux and 1 more 2026-02-13 7 High
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-29800 1 Microsoft 1 Autoupdate 2026-02-13 7.8 High
Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
CVE-2025-29976 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-02-13 7.8 High
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.
CVE-2025-49741 1 Microsoft 1 Edge Chromium 2026-02-13 7.4 High
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
CVE-2025-49758 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2026-02-13 8.8 High
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-13979 2 Drupal, Salsa.digital 2 Mini Site, Mini Site 2026-02-12 5.4 Medium
Privilege Defined With Unsafe Actions vulnerability in Drupal Mini site allows Stored XSS.This issue affects Mini site: from 0.0.0 before 3.0.2.
CVE-2025-27021 1 Nokia 2 G42, G42 Firmware 2026-02-11 7 High
The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by tampering with kernel memory. Details: The output of "sudo -l" reports the presence of "devmem" command executable as super user without using a password. This command allows to read and write an arbitrary memory area of the target device, specifying an absolute address.