CVE-2026-22069

CVE-2026-22069 affects O+ Connect and describes a local privilege-escalation vulnerability where the pipe interface fails to validate the caller’s identity. The CVSS 3.1 score is 7.3 (HIGH) with LOCAL attack vector, LOW privileges required, USER interaction required, scope changed, and impact on ...

Linux Distros Unpatched Vulnerability : CVE-2026-7990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege...

CVE-2026-43578

OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion content to leave a run in a more privileged contex...

RHEL 10 : firefox (RHSA-2026:10767)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:10767 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVE-2026-33518 Incorrect privilege assignment in Portal for ArcGIS

An incorrect privilege assignment vulnerability exists in Esri Portal for ArcGIS 11.5 in Windows and Linux that allows highly privileged users to create developer credentials that may grant more privileges than expected...

PT-2026-31396

Name of the Vulnerable Software and Affected Versions SonicWall SMA1000 series appliances affected versions not specified Description Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...

CVE-2025-12690

CVE-2025-12690 describes a local privilege escalation in the Forcepoint NGFW Engine . The issue is an execution with unnecessary privileges that allows a local attacker to escalate privileges within the affected NGFW Engine. Affected versions are listed as up to 6.10.19 and up to 7.3.0, 7.2.4, an...

PT-2026-24333

Name of the Vulnerable Software and Affected Versions .NET affected versions not specified Description A flaw in .NET allows an authorized attacker to gain elevated privileges on a local system. The March 2026 Patch Tuesday addressed this issue, fixing 79 flaws including two zero-day...

AZL-78246 CVE-2026-2492 affecting package tensorflow 2.11.1-2

TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target syste...

KB5075971: Windows Server 2012 Security Update (February 2026)

The remote Windows host is missing security update 5075971. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Heap-based buffer overflow in Microso...

CVE-2018-18368

Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an...

CVE-2022-31791

WatchGuard Firebox and XTM appliances allow a local attacker that has already obtained shell access to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

CVE-2022-26466

In audio ipi, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558777; Issue ID: ALPS06558777...

CVE-2019-7656

A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/ core program files. By injecting a payload into one of those files...

CVE-2019-12757

Symantec Endpoint Protection SEP, prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition SEP SBE prior to 12.1 RU6 MP10d 12.1.7510.7002, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to...

CVE-2019-12751

Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user...

CVE-2019-12759

Symantec Endpoint Protection Manager SEPM and Symantec Mail Security for MS Exchange SMSMSE, prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...

EUVD-2025-205014

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...

CVE-2025-14490 RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...

CVE-2025-14493 RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...