Total
2517 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-52926 | 1 Delinea Privilege Manager | 1 Delinea Privilege Manager | 2025-01-06 | 6.5 Medium |
| Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent. | ||||
| CVE-2023-26062 | 1 Nokia | 1 Web Element Manager | 2025-01-06 | 7 High |
| A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible from outside of mobile network solution architecture. This means that exploit is not possible from mobile network user UEs, from roaming networks, or from the Internet. Exploitation is possible only from a CSP (Communication Service Provider) mobile network solution internal BTS management network. | ||||
| CVE-2024-34082 | 1 Getgrav | 1 Grav | 2025-01-02 | 8.5 High |
| Grav is a file-based Web platform. Prior to version 1.7.46, a low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - `/grav/user/accounts/*.yaml`. This file stores hashed user password, 2FA secret, and the password reset token. This can allow an adversary to compromise any registered account and read any file in the web server by resetting a password for a user to get access to the password reset token from the file or by cracking the hashed password. A low privileged user may also perform a full account takeover of other registered users including Administrators. Version 1.7.46 contains a patch. | ||||
| CVE-2022-37966 | 4 Fedoraproject, Microsoft, Netapp and 1 more | 9 Fedora, Windows Server 2008, Windows Server 2012 and 6 more | 2025-01-02 | 8.1 High |
| Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | ||||
| CVE-2022-21970 | 1 Microsoft | 1 Edge Chromium | 2025-01-02 | 6.1 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2022-21902 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2025-01-02 | 7.8 High |
| Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2023-23412 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2025-01-01 | 7.8 High |
| Windows Accounts Picture Elevation of Privilege Vulnerability | ||||
| CVE-2023-21777 | 1 Microsoft | 1 Azure App Service On Azure Stack | 2025-01-01 | 8.7 High |
| Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability | ||||
| CVE-2023-21774 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-21773 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-21772 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-21755 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-21730 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.8 High |
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | ||||
| CVE-2023-21561 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.8 High |
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | ||||
| CVE-2023-21551 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2025-01-01 | 7.8 High |
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | ||||
| CVE-2023-21549 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 11 more | 2025-01-01 | 8.8 High |
| Windows SMB Witness Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-21542 | 1 Microsoft | 9 Windows 10 1607, Windows 7, Windows 8.1 and 6 more | 2025-01-01 | 7 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2023-21531 | 1 Microsoft | 1 Azure Service Fabric | 2025-01-01 | 7 High |
| Azure Service Fabric Container Elevation of Privilege Vulnerability | ||||
| CVE-2023-21552 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2025-01-01 | 7.8 High |
| Windows GDI Elevation of Privilege Vulnerability | ||||
| CVE-2024-55631 | 1 Trendmicro | 2 Apexone Op, Apexone Saas | 2024-12-31 | 7.8 High |
| An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||