CVE-2025-23093

The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager through V10 R1.54.1 and V11 through R0.22.1 could allow an authenticated attacker to conduct a privilege escalation attack due to the execution of a resource with unnecessary privileges. A successful exploit could allow an...

CVE-2020-7110

ClearPass is vulnerable to Stored Cross Site Scripting by allowing a malicious administrator, or a compromised administrator account, to save malicious scripts within ClearPass that could be executed resulting in a privilege escalation attack. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher...

EUVD-2016-9617

Malware in sbrugna...

EUVD-2020-28244

Malware in sbrugna...

CVE-2025-49726

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally...

CVE-2025-20114

A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker...

CVE-2022-45183

Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...

CVE-2020-8257

Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, lead to privilege escalation attacks...

PT-2025-15527 · Microsoft · Windows Digital Media +1

Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to a use after free condition in Windows Digital Media, allowing an authorized attacker to elevate privileges locally. Recommendations: At the moment, the...

CVE-2025-24059

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2024-53356

Weak JWT Secret vulnerabilitiy in EasyVirt DCScope = 8.6.0 and CO2Scope = 1.3.0 allows remote attackers to generate JWT for privilege escalation. The HMAC secret used for generating tokens is hardcoded as "somerandomaccesstoken". A weak HMAC secret poses a risk because attackers can use the...

USN-7059-2: OATH Toolkit vulnerability

USN-7059-1 fixed a vulnerability in OATH Toolkit library. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root own...

The vulnerability of the Win32k component in Windows operating systems, which allows attackers to increase their privileges

The vulnerability of the Win32k component in Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks

Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks. The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078,...

PT-2022-25951 · Mptcp · Mptcp

Name of the Vulnerable Software and Affected Versions: MPTCP module affected versions not specified Description: The issue is related to an out-of-bounds write vulnerability in the MPTCP module. Successful exploitation of this vulnerability may cause root privilege escalation attacks by modifying...

The vulnerability of the Win32k.sys component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component of the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

Google Android Memory Management Driver Elevation of Privilege Vulnerability (CNVD-2021-44313)

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in the Google Android memory management driver, which can be exploited by attackers to escalate privileges...

WordPress 5.0 Patched to Fix Serious Bugs

WordPress 5.0 users are being urged to update their CMS software to fix a number of serious bugs. The update WordPress 5.0.1 addresses seven flaws and was issued Thursday, less than a week after WordPress 5.0 was released. The most serious of the flaws is a bug that allows the WordPress “user...

NetEx HyperIP Privilege Escalation Vulnerability

Vulnerability Details Affected Vendor: NetEx Affected Product: HyperIP Affected Version: 6.1.0 Platform: Embedded Linux CWE Classification: CWE-592: Authentication Bypass Issues Impact: Privilege Escalation Attack vector: HTTPS 2. Vulnerability Description Privileges can be escalated by abusing...

PT-2014-18: Weak encryption of account data in Wonderware Information Server

The specialists of the Positive Research center have detected a Weak encryption of account data vulnerability in Wonderware Information Server. Encryption of WIS is insufficient. This vulnerability could allow elevation of privileges if an attacker decrypts the credentials. The system would need ...