CVE-2025-38738

SupportAssist for Home PCs Installer exe versions 4.8.2.29006 and prior, contains an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

CVE-2025-54697

Incorrect Privilege Assignment vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Privilege Escalation.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.16...

CVE-2025-54697 WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.16 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Privilege Escalation.This issue affects Kadence WooCommerce Email Designer: from n/a through = 1.5.16...

PT-2025-33289 · Dell · Dell Supportassist For Business Pcs +1

Name of the Vulnerable Software and Affected Versions: SupportAssist for Home PCs versions prior to 4.6.4 SupportAssist for Business PCs versions prior to 4.5.4 Description: SupportAssist for Home PCs and SupportAssist for Business PCs contain an Incorrect Privilege Assignment issue. A local...

PT-2025-33249 · Kadence Wp · Kadence Woocommerce Email Designer

Name of the Vulnerable Software and Affected Versions: Kadence WooCommerce Email Designer versions n/a through 1.5.16 Description: An incorrect privilege assignment issue exists in Kadence WooCommerce Email Designer, potentially allowing privilege escalation. Recommendations: Update Kadence...

PT-2025-33290 · Dell · Supportassist For Home Pcs Installer

Name of the Vulnerable Software and Affected Versions: SupportAssist for Home PCs Installer versions 4.8.2.29006 and prior Description: SupportAssist for Home PCs Installer contains an Incorrect Privilege Assignment issue in the Installer. A low-privileged attacker with local access could...

The vulnerability of the Vault Enterprise and Vault Community Edition archiving platforms for corporate information, related to improper privilege assignment, allows attackers to elevate their privileges to the root level.

The vulnerability of the Vault Enterprise and Vault Community Edition archiving platforms for corporate information is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment via the identity endpoint in the root namespace. An attacker can gain unauthorized access to elevated privileges by modifying token permissions to use the root policy. Remediation Upgrade...

CVE-2025-2179

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on...

The vulnerability of the monitoring, analysis, and automatic issue resolution platform of Palo Alto Networks Autonomous Digital Experience Manager lies in improper privilege assignment, allowing attackers to elevate their privileges to the root level.

The vulnerability of the monitoring, analysis, and automatic issue resolution platform used by Palo Alto Networks Autonomous Digital Experience Manager is related to improper privilege assignment. Exploiting this vulnerability can allow attackers to elevate their privileges to the root level...

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App, related to improper privilege assignment, allows a attacker to compromise the accessibility of protected information.

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to the improper assignment of privileges. Exploiting this vulnerability allows an attacker to compromise the accessibility of the protected information...

CVE-2025-2179

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on...

CVE-2025-2179 GlobalProtect App: Non Admin User Can Disable the GlobalProtect App

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on...

GO-2025-3758 Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad

Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad...

PT-2025-31220 · Palo Alto Networks · Globalprotect App

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect App on Linux devices affected versions not specified Description: An incorrect privilege assignment allows a locally authenticated, non-administrative user to disable the GlobalProtect app, even if the app’s...

The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R microprogrammable router software allows attackers to increase their privileges.

The vulnerability of the FTP service provided by TOTOLINK N600R and X2000R microprogrammed router software is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

WordPress The E-Commerce ERP Elevation of Privilege Vulnerability

WordPress The E-Commerce ERP is a comprehensive management system designed for small and medium-sized enterprises, integrating financial management, human resources management, procurement management, sales management, inventory management and production management, helping enterprises to optimiz...

The vulnerability of Palo Alto Networks Cortex, a cloud-based security platform, allows attackers to elevate their privileges to the root level.

The vulnerability of the virtual machine on Palo Alto Networks Cortex XDR Broker VM in cloud security platforms is related to improper privilege assignment. Exploiting this vulnerability can allow attackers to elevate their privileges to a root level...

CVE-2025-52836 WordPress The E-Commerce ERP <= 2.1.1.3 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Privilege Escalation.This issue affects The E-Commerce ERP: from n/a through = 2.1.1.3...

WordPress plugin The E-Commerce ERP 安全漏洞

WordPress The E-Commerce ERP is a comprehensive management system designed for small and medium-sized enterprises, integrating financial management, human resources management, procurement management, sales management, inventory management and production management, helping enterprises to optimiz...