CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30025
https://notcve.org/view.php?id=CVE-2025-30025
11 Jul 2025 — The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation. The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation. • https://www.axis.com/dam/public/40/0e/03/cve-2025-30025pdf-en-US-485736.pdf • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-2790 – G DATA Total Security GDTunerSvc Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-2790
11 Jul 2025 — This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-53503 – Trend Micro Cleaner One Pro Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-53503
10 Jul 2025 — Trend Micro Cleaner One Pro is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Cleaner One Pro. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/tmka-12951 • CWE-64: Windows Shortcut Following (.LNK) •
CVSS: 4.1EPSS: 0%CPEs: -EXPL: 1CVE-2025-52357
https://notcve.org/view.php?id=CVE-2025-52357
09 Jul 2025 — This can be exploited to hijack sessions or escalate privileges through social engineering or browser-based attacks. • https://github.com/wrathfulDiety/CVE-2025-52357 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 1CVE-2025-6759 – Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges
https://notcve.org/view.php?id=CVE-2025-6759
08 Jul 2025 — Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS • https://github.com/olljanat/TestCitrixException • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-43019 – HP Support Assistant – Potential Escalation of Privilege
https://notcve.org/view.php?id=CVE-2025-43019
08 Jul 2025 — A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion. • https://support.hp.com/us-en/document/ish_12715930-12715980-16/hpsbgn04031 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-25269 – Local Privilege Escalation via Unauthenticated Command Injection
https://notcve.org/view.php?id=CVE-2025-25269
08 Jul 2025 — An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation. • https://certvde.com/de/advisories/VDE-2025-019 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24006 – Privilege Escalation via Insecure SSH Permissions
https://notcve.org/view.php?id=CVE-2025-24006
08 Jul 2025 — A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root. • https://certvde.com/de/advisories/VDE-2025-014 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24005 – Local Privilege Escalation via Vulnerable SSH Script
https://notcve.org/view.php?id=CVE-2025-24005
08 Jul 2025 — A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation. • https://certvde.com/de/advisories/VDE-2025-014 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20684
https://notcve.org/view.php?id=CVE-2025-20684
08 Jul 2025 — This could lead to local escalation of privilege with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-787: Out-of-bounds Write •