Search Results (383 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-22017 2 Nodejs, Redhat 2 Nodejs, Enterprise Linux 2026-04-15 7.3 High
setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects all users using version greater or equal than Node.js 18.18.0, Node.js 20.4.0 and Node.js 21.
CVE-2025-23009 1 Sonicwall 1 Netextender 2026-04-15 7.2 High
A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion.
CVE-2024-27146 1 Toshibatec 50 E-studio-2010-ac, E-studio-2015-nc, E-studio-2018 A and 47 more 2026-04-15 6.7 Medium
The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL.
CVE-2024-28139 2026-04-15 8.8 High
The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near future.
CVE-2025-3364 1 Hgiga 1 Powerstation 2026-04-15 6.7 Medium
The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system.
CVE-2025-8907 2026-04-15 7 High
A vulnerability was found in H3C M2 NAS V100R006. Affected by this vulnerability is an unknown functionality of the component Webserver Configuration. The manipulation leads to execution with unnecessary privileges. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor explains: "[T]he device only has configuration files and does not actually have boa functionality. It is impossible to access or upload files anonymously to the device through boa services". This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2024-28140 2026-04-15 6.1 Medium
The scanner device boots into a kiosk mode by default and opens the Scan2Net interface in a browser window. This browser is run with the permissions of the root user. There are also several other applications running as root user. This can be confirmed by running "ps aux" as the root user and observing the output.
CVE-2024-8767 1 Acronis 3 Backup Extension For Plesk, Backup Plugin For Cpanel \& Whm, Backup Plugin For Directadmin 2026-04-15 N/A
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for DirectAdmin (Linux) before build 147.
CVE-2026-4498 1 Elastic 1 Kibana 2026-04-14 7.7 High
Execution with Unnecessary Privileges (CWE-250) in Kibana’s Fleet plugin debug route handlers can lead reading index data beyond their direct Elasticsearch RBAC scope via Privilege Abuse (CAPEC-122). This requires an authenticated Kibana user with Fleet sub-feature privileges (such as agents, agent policies, and settings management).
CVE-2026-1346 1 Ibm 4 Security Verify Access, Security Verify Access Container, Verify Identity Access and 1 more 2026-04-10 9.3 Critical
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to escalate their privileges to root due to execution with unnecessary privileges than required.
CVE-2024-23299 1 Apple 1 Macos 2026-04-02 8.6 High
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to break out of its sandbox.
CVE-2026-4606 1 Geovision 1 Gv-edge Recording Manager 2026-03-25 N/A
GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system.  During installation, ERM creates a Windows service that runs under the LocalSystem account.  When the ERM application is launched, related processes are spawned under SYSTEM privileges rather than the security context of the logged-in user.  Functions such as 'Import Data' open a Windows file dialog operating with SYSTEM permissions, enabling modification or deletion of protected system files and directories.  Any ERM function invoking Windows file open/save dialogs exposes the same risk.  This vulnerability allows local privilege escalation and may result in full system compromise.
CVE-2025-34515 1 Ilevia 2 Eve X1 Server, Eve X1 Server Firmware 2026-03-23 9.8 Critical
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in sync_project.sh that allows an attacker to escalate privileges to root. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.
CVE-2025-69783 2 Comodosecurity, Xcitium 2 Openedr, Openedr 2026-03-23 7.8 High
A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as configuration changes, process monitoring, and IOCTL communication that should be restricted to trusted components. While this issue alone does not directly grant SYSTEM privileges, it breaks OpenEDR's trust model and enables further exploitation leading to full local privilege escalation.
CVE-2025-67510 2 Neuron-ai, Neuron-core 2 Neuron, Neuron-ai 2026-03-06 9.4 Critical
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
CVE-2024-48013 1 Dell 1 Smartfabric Os10 2026-02-26 8.8 High
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2025-1137 1 Ibm 2 Spectrum Scale Container Native Storage Access, Storage Scale 2026-02-26 7.5 High
IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization.
CVE-2025-1951 1 Ibm 2 Hardware Management Console, Power Hardware Management Console 2026-02-26 8.4 High
IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges.
CVE-2025-33103 1 Ibm 1 I 2026-02-26 8.5 High
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 product IBM TCP/IP Connectivity Utilities for i contains a privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system.
CVE-2025-1411 1 Ibm 1 Security Verify Directory 2026-02-26 7.8 High
IBM Security Verify Directory Container 10.0.0.0 through 10.0.3.1 could allow a local user to execute commands as root due to execution with unnecessary privileges.