Total
2327 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-35761 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-05-29 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2022-35782 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2025-05-29 | 6.5 Medium |
| Azure Site Recovery Elevation of Privilege Vulnerability | ||||
| CVE-2022-35781 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2025-05-29 | 6.5 Medium |
| Azure Site Recovery Elevation of Privilege Vulnerability | ||||
| CVE-2022-35780 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2025-05-29 | 6.5 Medium |
| Azure Site Recovery Elevation of Privilege Vulnerability | ||||
| CVE-2022-35775 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2025-05-29 | 6.5 Medium |
| Azure Site Recovery Elevation of Privilege Vulnerability | ||||
| CVE-2022-35774 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2025-05-29 | 4.9 Medium |
| Azure Site Recovery Elevation of Privilege Vulnerability | ||||
| CVE-2022-32840 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-05-29 | 7.8 High |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-38351 | 1 Supremainc | 1 Biostar 2 | 2025-05-29 | 8.8 High |
| A vulnerability in Suprema BioStar (aka Bio Star) 2 v2.8.16 allows attackers to escalate privileges to System Administrator via a crafted PUT request to the update profile page. | ||||
| CVE-2024-21985 | 1 Netapp | 1 Clustered Data Ontap | 2025-05-29 | 7.6 High |
| ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. Possible actions include viewing limited configuration details and metrics or modifying limited settings, some of which could result in a Denial of Service (DoS). | ||||
| CVE-2024-0674 | 1 Lamassu | 4 Douro, Douro Firmware, Douro Ii and 1 more | 2025-05-29 | 6.3 Medium |
| Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process to run as root and execute the payload stored in the updatescript.js. | ||||
| CVE-2024-0219 | 1 Progress | 1 Telerik Justdecompile | 2025-05-29 | 7.8 High |
| In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system. | ||||
| CVE-2022-3079 | 1 Festo | 4 Cpx-cec-c1, Cpx-cec-c1 Firmware, Cpx-cmxx and 1 more | 2025-05-29 | 7.5 High |
| Festo control block CPX-CEC-C1 and CPX-CMXX in multiple versions allow unauthenticated, remote access to critical webpage functions which may cause a denial of service. | ||||
| CVE-2022-3068 | 1 Octoprint | 1 Octoprint | 2025-05-28 | 8.8 High |
| Improper Privilege Management in GitHub repository octoprint/octoprint prior to 1.8.3. | ||||
| CVE-2025-24183 | 1 Apple | 1 Macos | 2025-05-28 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A local user may be able to modify protected parts of the file system. | ||||
| CVE-2025-31222 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-05-27 | 7.8 High |
| A correctness issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A user may be able to elevate privileges. | ||||
| CVE-2025-24258 | 1 Apple | 1 Macos | 2025-05-27 | 7.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain root privileges. | ||||
| CVE-2025-24805 | 1 Opensecurity | 1 Mobile Security Framework | 2025-05-23 | 5.5 Medium |
| Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. A local user with minimal privileges is able to make use of an access token for materials for scopes which it should not be accepted. This issue has been addressed in version 4.3.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2025-4975 | 2025-05-23 | N/A | ||
| When a notification relating to low battery appears for a user with whom the device has been shared, tapping the notification grants full access to the power settings of that device. | ||||
| CVE-2022-35257 | 1 Ui | 1 Desktop | 2025-05-22 | 7.8 High |
| A local privilege escalation vulnerability in UI Desktop for Windows (Version 0.55.1.2 and earlier) allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM. | ||||
| CVE-2022-30121 | 1 Ivanti | 1 Endpoint Manager | 2025-05-22 | 6.7 Medium |
| The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system. | ||||