Search Results (9540 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-4692 2026-04-15 6.8 Medium
Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access any device managed by the ABUP Cloud Update Platform.
CVE-2024-31756 1 Marvintest Solutions 1 Hardware Access Driver 2026-04-15 7.8 High
An issue in MarvinTest Solutions Hardware Access Driver v.5.0.3.0 and before and fixed in v.5.0.4.0 allows a local attacker to escalate privileges via the Hw65.sys component.
CVE-2025-10941 2026-04-15 7.8 High
A vulnerability was determined in Topaz SERVCore Teller 2.14.0-RC2/2.14.1. Affected by this issue is some unknown functionality of the file SERVCoreTeller_2.0.40D.msi of the component Installer. Executing manipulation can lead to permission issues. The attack needs to be launched locally. You should upgrade the affected component. The vendor explains, that "this vulnerability was detected at the beginning of 2025, it was remediated because the latest published version of the installer no longer uses "nssm," which is responsible for this vulnerability".
CVE-2025-6513 2026-04-15 9.3 Critical
Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.
CVE-2024-22774 1 Panoramic Corporation 1 Dental Imaging Software 2026-04-15 7.8 High
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component.
CVE-2024-22752 1 Easeus 1 Mobimover 2026-04-15 8.1 High
Insecure permissions issue in EaseUS MobiMover 6.0.5 Build 21620 allows attackers to gain escalated privileges via use of crafted executable launched from the application installation directory.
CVE-2024-9779 1 Redhat 1 Acm 2026-04-15 7.5 High
A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes which contain the cluster-manager or klusterlet deployments. The cluster-manager deployment uses a service account with the same name "cluster-manager" which is bound to a ClusterRole also named "cluster-manager", which includes the permission to create Pod resources. If this deployment runs a pod on an attacker-controlled node, the attacker can obtain the cluster-manager's token and steal any service account token by creating and mounting the target service account to control the whole cluster.
CVE-2024-38818 1 Vmware 3 Cloud Foundation, Nsx, Nsx-t 2026-04-15 6.7 Medium
VMware NSX contains a local privilege escalation vulnerability.  An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assigned.
CVE-2025-48082 2 Progress Planner, Wordpress 2 Progress Planner, Wordpress 2026-04-15 8.8 High
Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through <= 1.8.0.
CVE-2024-12782 2026-04-15 7.3 High
A vulnerability has been found in Fujifilm Business Innovation Apeos C3070, Apeos C5570 and Apeos C6580 up to 24.8.28 and classified as critical. This vulnerability affects unknown code of the file /home/index.html#hashHome of the component Web Interface. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains that "during technical verification it is not possible to reproduce any active actions like reboots which were mentioned in the original researcher disclosure."
CVE-2025-25295 1 Humansignal 1 Label Studio 2026-04-15 N/A
Label Studio is an open source data labeling tool. A path traversal vulnerability in Label Studio SDK versions prior to 1.0.10 allows unauthorized file access outside the intended directory structure. The flaw exists in the VOC, COCO and YOLO export functionalities. These functions invoke a `download` function on the `label-studio-sdk` python package, which fails to validate file paths when processing image references during task exports. By creating tasks with path traversal sequences in the image field, an attacker can force the application to read files from arbitrary server filesystem locations when exporting projects in any of the mentioned formats. This is authentication-required vulnerability allowing arbitrary file reads from the server filesystem. It may lead to potential exposure of sensitive information like configuration files, credentials, and confidential data. Label Studio versions before 1.16.0 specified SDK versions prior to 1.0.10 as dependencies, and the issue was confirmed in Label Studio version 1.13.2.dev0; therefore, Label Studio users should upgrade to 1.16.0 or newer to mitigate it.
CVE-2024-7407 2026-04-15 N/A
Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transformed.  This issue was fixed in 18.2.377 version of the software.
CVE-2025-34143 2026-04-15 N/A
An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583.
CVE-2024-27357 2026-04-15 5.8 Medium
An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements Client Security through 23.x for macOS, and WithSecure MDR through 23.x for macOS. Local Privilege Escalation can occur during installations or updates by admins.
CVE-2025-2843 1 Redhat 1 Cluster Observability Operator 2026-04-15 8.8 High
A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with *ClusterRole* upon deployment of the *Namespace-Scoped* Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a namespace, to create a MonitorStack in the authorized namespace and then elevate permission to the cluster level by impersonating the ServiceAccount created by the Operator, resulting in privilege escalation and other issues.
CVE-2025-11923 2 Lifterlms, Wordpress 2 Lifterlms, Wordpress 2026-04-15 8.8 High
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to privilege escalation. This is due to the plugin not properly validating a user's identity prior to allowing them to modify their own role via the REST API. The permission check in the update_item_permissions_check() function returns true when a user updates their own account without verifying the role changes. This makes it possible for authenticated attackers, with student-level access and above, to escalate their privileges to administrator by updating their own roles array via a crafted REST API request. Another endpoint intended for instructors also provides an attack vector. Affected version ranges are 3.5.3-3.41.2, 4.0.0-4.21.3, 5.0.0-5.10.0, 6.0.0-6.11.0, 7.0.0-7.8.7, 8.0.0-8.0.7, 9.0.0-9.0.7, 9.1.0.
CVE-2025-59094 1 Dormakaba 1 Kaba Exos 9300 2026-04-15 N/A
A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe). Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM privileges.
CVE-2013-10052 2 Zpanel, Zpanel Project 2 Zpanel, Zpanel 2026-04-15 N/A
ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo can be invoked by low-privileged users to execute arbitrary commands as root. This flaw enables local attackers with shell access to escalate privileges by writing a payload to a writable directory and executing it via zsudo. The vulnerability is particularly impactful in post-exploitation scenarios following web server compromise, where the attacker inherits access to zsudo.
CVE-2024-52334 1 Siemens 1 Syngo Plaza Vb30e 2026-04-15 5.3 Medium
A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access.
CVE-2024-53706 1 Sonicwall 1 Sonicos 2026-04-15 7.8 High
A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution.