CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9464
https://notcve.org/view.php?id=CVE-2018-9464
17 Jan 2025 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-08-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9461
https://notcve.org/view.php?id=CVE-2018-9461
17 Jan 2025 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-08-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9434
https://notcve.org/view.php?id=CVE-2018-9434
17 Jan 2025 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-07-01 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9382
https://notcve.org/view.php?id=CVE-2018-9382
17 Jan 2025 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-06-01 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9375
https://notcve.org/view.php?id=CVE-2018-9375
17 Jan 2025 — This could lead to local escalation of privilege with no additional execution privileges needed. • https://github.com/IOActive/AOSP-ExploitUserDictionary • CWE-269: Improper Privilege Management •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21606 – Local Privilege Escalation via Exposed XPC Method Due to Client Verification Failure in stats
https://notcve.org/view.php?id=CVE-2025-21606
17 Jan 2025 — The Stats application is vulnerable to a local privilege escalation due to the insecure implementation of its XPC service. • https://github.com/exelban/stats/commit/c10759f7a186efdd82ddd818dae2ac1f853691fc • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-40514
https://notcve.org/view.php?id=CVE-2024-40514
16 Jan 2025 — Insecure Permissions vulnerability in themesebrand Chatvia v.5.3.2 allows a remote attacker to escalate privileges via the User profile name and image upload functions. • https://github.com/php-lover-boy/ChatVia • CWE-276: Incorrect Default Permissions •
CVSS: 9.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-57726
https://notcve.org/view.php?id=CVE-2024-57726
15 Jan 2025 — These API keys can be used to escalate privileges to the server admin role. • https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23013 – Gentoo Linux Security Advisory 202501-04
https://notcve.org/view.php?id=CVE-2025-23013
15 Jan 2025 — In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. • https://www.yubico.com/support/security-advisories/ysa-2025-01 • CWE-394: Unexpected Status Code or Return Value •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21127 – Photoshop Desktop | Uncontrolled Search Path Element (CWE-427)
https://notcve.org/view.php?id=CVE-2025-21127
14 Jan 2025 — This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Photoshop. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a target user. • https://helpx.adobe.com/security/products/photoshop/apsb25-02.html • CWE-427: Uncontrolled Search Path Element •