121 matches found

Positive Technologies
added 2026/04/17 12:0 a.m. | 4 views

PT-2026-37023

Name of the Vulnerable Software and Affected Versions: OpenClaw versions 2026.4.5 through 2026.4.9. Description: An issue allows write-scoped operators to modify persistent memory dreaming settings. Attackers with write-scoped gateway access can toggle admin-class configuration mutations through the...

CVSS 7.1 | AI score 5.8 | EPSS 0.00029
Exploits: 0 | References: 7

EUVD
added 2026/03/02 6:42 p.m. | 3 views

EUVD-2026-9234

In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 6.1 | EPSS 0.00002
Exploits: 0 | References: 1

Cvelist
added 2024/11/27 9:35 p.m. | 10 views

CVE-2017-13323

In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation...

EPSS 0.00014
Exploits: 0 | References: 1

NVD
added 2024/11/13 9:15 p.m. | 6 views

CVE-2024-23312

Uncontrolled search path for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 6.7 | EPSS 0.00119
Exploits: 0 | References: 1

Cvelist
added 2024/11/08 8:1 a.m. | 18 views

CVE-2024-24409 Privilege Escalation

Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option...

CVSS 8.8 | EPSS 0.06237
Exploits: 1 | References: 1

Cvelist
added 2024/11/04 1:48 a.m. | 9 views

CVE-2024-20106

In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08960505; Issue ID: MSV-1590...

EPSS 0.00023
Exploits: 0 | References: 1

Vulnrichment
added 2024/10/15 12:0 a.m. | 18 views

CVE-2024-41344

A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges...

AI score 7.4 | EPSS 0.00146
Exploits: 1 | References: 1

Cvelist
added 2024/10/15 12:0 a.m. | 14 views

CVE-2024-41344

A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges...

EPSS 0.00146
Exploits: 1 | References: 1

CVE
added 2024/09/12 4:35 p.m. | 122 views

CVE-2024-6840

CVE-2024-6840 discusses an improper authorization flaw in the Red Hat Ansible Automation Controller. The issue allows an attacker who can reach the Kubernetes API server to issue an HTTP request using a service account token mounted via automountServiceAccountToken: true, enabling privilege escal...

CVSS 6.6 | AI score 6.7 | EPSS 0.00083
Exploits: 0 | References: 3

Vulnrichment
added 2024/08/14 1:45 p.m. | 11 views

CVE-2024-39283

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 8.5 | AI score 7.3 | EPSS 0.0011
Exploits: 0 | References: 1

Vulnrichment
added 2024/08/01 3:29 a.m. | 17 views

CVE-2024-6698 FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation

The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level...

CVSS 8.8 | AI score 8.8 | EPSS 0.00324
Exploits: 0 | References: 2

Packet Storm
added 2024/05/13 12:0 a.m. | 237 views

Kemp LoadMaster Local sudo Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kemp LoadMaster Local sudo privilege escalation', 'Description' = %q This module abuses a feature of the sudo command on Progress Kemp LoadMaster...

CVSS 10 | AI score 7.4 | EPSS 0.94298
Exploits: 9

Cvelist
added 2024/02/14 1:38 p.m. | 8 views

CVE-2023-36493

Uncontrolled search path in some Intel(R) SDK for OpenCL(TM) Applications software may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 6.7 | AI score 7 | EPSS 0.00127
Exploits: 0 | References: 1

Cvelist
added 2024/02/14 1:37 p.m. | 12 views

CVE-2023-27301

Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 4.2 | AI score 6.2 | EPSS 0.00077
Exploits: 0 | References: 1

NVD
added 2024/01/03 4:15 p.m. | 11 views

CVE-2023-30617

Kruise provides automated management of large-scale applications on Kubernetes. Starting in version 0.8.0 and prior to versions 1.3.1, 1.4.1, and 1.5.2, an attacker who has gained root privilege of the node that kruise-daemon run can leverage the kruise-daemon pod to list all secrets in the entir...

CVSS 6.5 | AI score 6.6 | EPSS 0.00122
Exploits: 0 | References: 1

UbuntuCve
added 2024/01/02 6:15 p.m. | 77 views

CVE-2024-0193

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local...

CVSS 7.8 | AI score 6.7 | EPSS 0.00141
Exploits: 0 | References: 13

OSV
added 2023/12/12 3:31 a.m. | 25 views

GHSA-GCGW-Q47M-PRVJ Duplicate Advisory: Improper JWT Signature Validation in SAP Security Services Library

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-59c9-pxq8-9c73. This link is maintained to preserve external references. Original Description: SAP BTP Security Services Integration Library Java cloud-security-services-integration-library - versions below 2.17....

CVSS 9.1 | AI score 9.7 | EPSS 0.00538
Exploits: 0 | References: 10

OSV
added 2023/10/17 12:51 p.m. | 31 views

GHSA-H2RM-29CH-WFMH XWiki Identity Oauth Privilege escalation (PR)/remote code execution from login screen through unescaped URL parameter

Impact: When login via the OAuth method, the identityOAuth parameters, sent in a GET request is vulnerable to XSS and XWiki syntax injection. This allows remote code execution via the groovy macro and thus affects the confidentiality, integrity and availability of the whole XWiki installation. The...

CVSS 10 | AI score 9.7 | EPSS 0.04053
Exploits: 0 | References: 7

NVD
added 2023/10/06 7:15 p.m. | 12 views

CVE-2023-21244

In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

CVSS 6.7 | AI score 6.7 | EPSS 0.0001
Exploits: 0 | References: 4

Cvelist
added 2023/09/11 8:9 p.m. | 20 views

CVE-2023-35674

In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 8 | EPSS 0.00087
Exploits: 1 | References: 2