132 matches found
ROS-20260430-73-0007
Vulnerability in crun related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20260330-73-0001
A vulnerability in the LSILogic module of the Oracle VM VirtualBox virtualization software tool is associated with insecure privilege management due to incorrect memory freeing. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...
ROS-20260209-73-0015
Vulnerability in sssd related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20251216-7319
Vulnerability in VirtualBox-kmod related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20251216-7318
Vulnerability in VirtualBox related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20251216-7320
Vulnerability in virtualbox-guest-additions related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20251001-02
VMSVGA virtual graphics adapter vulnerability in Oracle VM virtualization software VirtualBox is related to access control flaws resulting from buffer overruns. Exploitation o...
ROS-20250303-03
A vulnerability in the Linux operating system's dmidecode utility is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
CVE-2024-9500
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...
PT-2025-1059 · Microsoft · Windows Installer +1
Name of the Vulnerable Software and Affected Versions: Windows Installer, affected versions not specified. Description: The issue is related to insecure privilege management in the Windows Installer component of Windows operating systems. It allows an attacker to elevate their privileges to the lev...
PT-2025-1242 · Microsoft · Autoupdate (Mau) For Mac
Name of the Vulnerable Software and Affected Versions: Microsoft AutoUpdate MAU for Mac, affected versions not specified. Description: The issue is related to insecure privilege management in Microsoft AutoUpdate MAU for Mac, which can allow an attacker to elevate their privileges. Recommendations:...
PT-2025-1012 · Sonicwall · Gen7 Sonicos Cloud Platform Nsv
Name of the Vulnerable Software and Affected Versions: Gen7 SonicOS Cloud platform NSv, affected versions not specified. Description: The issue is related to insecure privilege management in the configuration function of the SSH cloud platform. It allows a remote authenticated attacker with low...
Silicon Labs Z-Wave 700 and Silicon Labs Z-Wave 800 Security Vulnerability
Silicon Labs Z-Wave 700 and Silicon Labs Z-Wave 800 are series of chips from Silicon Labs, Inc. in the United States. A security vulnerability exists in Silicon Labs Z-Wave 700 and Silicon Labs Z-Wave 800 version v7.21.1, which stems from insecure privilege...
CVE-2024-9500 Autodesk ADP Desktop SDK Privilege Escalation Vulnerability
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...
PT-2024-6522 · Rockwell Automation · Rockwell Automation Pavilion8
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Pavilion8, affected versions not specified. Description: The issue is related to insecure privilege management, allowing a threat actor to view sensitive information and change settings due to an incorrect privilege matrix...
PT-2024-9165 · Nextcloud +2 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 22.2.11; Nextcloud Server versions prior to 23.0.11; Nextcloud Server versions prior to 24.0.6; Nextcloud Enterprise Server versions prior to 22.2.11; Nextcloud Enterprise Server versions prior to 23.0.11...
Advisory ROSA-SA-2024-2452
software: redis 7.0.14; OS: ROSA-CHROME; packageevrstring: redis-7.0.14-1; CVE-ID: CVE-2023-41053; BDU-ID: 2023-05475; CVE-Crit: MEDIUM; CVE-DESC.: A vulnerability in the Redis database management system is related to insecure privilege management. Exploitation of the vulnerability could allow an...
PT-2024-7934 · Zohocorp · Manageengine Endpoint Central
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below; Zohocorp ManageEngine EndPoint Central versions 11.3.2428.9 and below. Description: The issue is related to arbitrary file deletion in the agent installed machines due to...
PT-2024-9958 · Ca · Ca Client Automation
Name of the Vulnerable Software and Affected Versions: CA Client Automation ITCM, affected versions not specified. Description: The issue is related to insecure privilege management in the CA Client Automation software, which allows non-admin or non-root users to encrypt strings using the CAF CLI a...
PT-2024-4986 · Microsoft · Brokering File System +1
Name of the Vulnerable Software and Affected Versions: Microsoft Brokering File System, affected versions not specified. Description: The issue is related to insecure privilege management in the Microsoft Brokering File System, which can be exploited to elevate privileges. This could allow an...