CVSS: 8.9EPSS: %CPEs: -EXPL: 0CVE-2025-0416 – Valmet DNA Local privilege escalation through insecure DCOM configuration
https://notcve.org/view.php?id=CVE-2025-0416
01 Apr 2025 — Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. ... An attacker can use this vulnerability to escalate their privileges and take complete control of the system. • https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0416 • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: %CPEs: -EXPL: 0CVE-2025-22937
https://notcve.org/view.php?id=CVE-2025-22937
31 Mar 2025 — An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via unspecified vectors. • https://drive.google.com/file/d/1levaZk5aC6g6a2zPW8xlOIVAu9MFYvAz/view •
CVSS: 10.0EPSS: %CPEs: -EXPL: 0CVE-2025-22939
https://notcve.org/view.php?id=CVE-2025-22939
31 Mar 2025 — A command injection vulnerability in the telnet service of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands. • https://drive.google.com/file/d/1levaZk5aC6g6a2zPW8xlOIVAu9MFYvAz/view •
CVSS: 10.0EPSS: %CPEs: -EXPL: 0CVE-2025-22941
https://notcve.org/view.php?id=CVE-2025-22941
31 Mar 2025 — A command injection vulnerability in the web interface of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands. • https://drive.google.com/file/d/1levaZk5aC6g6a2zPW8xlOIVAu9MFYvAz/view •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2782 – WatchGuard Terminal Services Agent Local Privilege Escalation via Non-Standard Installation Directory
https://notcve.org/view.php?id=CVE-2025-2782
28 Mar 2025 — This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00005 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2781 – WatchGuard Mobile VPN with SSL Local Privilege Escalation via Non-Standard Installation Directory
https://notcve.org/view.php?id=CVE-2025-2781
28 Mar 2025 — This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00004 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2713 – Improper File Permission Handling in Google gVisor runsc
https://notcve.org/view.php?id=CVE-2025-2713
28 Mar 2025 — Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. • https://github.com/google/gvisor/commit/586c38d70081b13b2ed494cef48e99b93956843e • CWE-269: Improper Privilege Management •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39311 – Publify Vulnerable To Cross-Site Scripting (XSS) Via Redirects Requiring User Interaction
https://notcve.org/view.php?id=CVE-2024-39311
28 Mar 2025 — A publisher may attempt to use this vulnerability to escalate their privileges and become an administrator. • https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 2CVE-2025-30772 – WordPress WPC Smart Upsell Funnel for WooCommerce plugin <= 3.0.4 - Arbitrary Option Update to Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2025-30772
27 Mar 2025 — A missing authorization vulnerability in the WPC Smart Upsell Funnel for WooCommerce plugin versions through 3.0.4 allows authenticated users with minimal privileges (e.g., subscriber) to escalate their privileges by modifying arbitrary WordPress options via a vulnerable AJAX endpoint. • https://packetstorm.news/files/id/190109 • CWE-862: Missing Authorization •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30232 – Debian Security Advisory 5887-1
https://notcve.org/view.php?id=CVE-2025-30232
27 Mar 2025 — A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges. • https://www.exim.org/static/doc/security/CVE-2025-30232.txt • CWE-416: Use After Free •