CVE-2026-45484

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...

CVE-2026-22267

Dell PowerProtect Data Manager, versions prior to 19.22, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...

PT-2026-4345

Name of the Vulnerable Software and Affected Versions Dell ECS versions 3.8.1.0 through 3.8.1.7 Dell ObjectScale versions prior to 4.2.0.0 Description The issue concerns the use of default credentials within the Dell ECS and Dell ObjectScale operating system. A low-privileged attacker with remote...

Google Android 安全漏洞

Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from a pre-condition check failure vulnerability that can be exploited by an attacker to cause a remote elevation of privilege...

EUVD-2017-4693

Malware in sbrugna...

The vulnerability of the corporate platform Microsoft Teams, which arises from the improper handling of insufficient permissions or privileges, allows a perpetrator to elevate their privileges.

The vulnerability of the corporate platform Microsoft Teams is related to the improper handling of insufficient permissions or privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

PT-2023-8588 · Hardy Barth · Hardy Barth Cph2 Echarge Ladestation

Name of the Vulnerable Software and Affected Versions: Hardy Barth cPH2 eCharge Ladestation versions 1.87.0 and earlier Description: The issue is related to errors in privilege management in the web application of the Hardy Barth cPH2 eCharge Ladestation. Exploitation of this issue may allow a...

PT-2023-8579 · Opentext · Opentext Fortify Scancentral Dast

Name of the Vulnerable Software and Affected Versions: opentext Fortify ScanCentral DAST versions 21.1 through 23.1 Description: The issue is related to an Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST, which could be exploited to gain elevated privileges. This...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open-source operating system from the US company Google. Google Android has an elevation of privilege vulnerability that can be exploited by attackers to remotely elevate privileges...

Google Android Buffer Overflow Vulnerability (CNVD-2022-47682)

Google Android is a Linux-based open source operating system from Google, Inc. A buffer overflow vulnerability exists in Google Android, which originates in GKIgetbuf in gkibuffer.cc. Due to a heap buffer overflow, an out-of-bounds write may exist, and an attacker could use this vulnerability to...

PT-2022-1708 · Microsoft · Dynamics Gp

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics GP affected versions not specified Description: The issue is related to insecure privilege management in Microsoft Dynamics GP, a software package for mid-size business accounting or enterprise resource planning. Exploitati...

Command injection

A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration .cf files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same...

The vulnerability of the REST Interface Version 2 interface of the SAP Identity Management tool allows a perpetrator to elevate their privileges.

The vulnerability of the REST Interface Version 2 interface of the SAP Identity Management tool relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

Microsoft Azure Active Directory Connect Remote Elevation of Privilege Vulnerability (CNVD-2019-14680)

Microsoft Azure Active Directory Connect ADC is a service from Microsoft that provides identity and access management in the cloud. A remote elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect. It allows an attacker to execute two PowerShell Cmdlets in the...

Microsoft Edge Remote Elevation of Privilege Vulnerability (CNVD-2020-61599)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A remote elevation of privilege vulnerability exists in Microsoft Edge. An attacker can exploit this vulnerability to gain elevated privileges...

Pivotal Spring Framework Remote Elevation of Privilege Vulnerability

Pivotal Spring Framework is the U.S. Pivotal Software, Inc. of a set of open source Java, Java EE application framework. A remote elevation of privilege vulnerability exists in Pivotal Spring Framework. An attacker can exploit to gain elevated privileges. A failed exploit attempt could result in ...

Microsoft SharePoint Remote Elevation of Privilege Vulnerability (CNVD-2018-07011)

Microsoft SharePoint Enterprise Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A...

Input validation

In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed. User interaction is needed for...

CVE-2017-13176

In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed. User interaction is needed for...

Heap overflow

In libMtkOmxVdec.so there is a possible heap buffer overflow. This could lead to a remote elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android kernel...