CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-13090 – Privilege escalation in Guardian/CMC before 24.6.0
https://notcve.org/view.php?id=CVE-2024-13090
10 Jun 2025 — A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. ... Las reglas de sudo configuradas para una cuenta de servicio local eran excesivamente permisivas, lo que podría permitir acceso administrativo si un agente malicioso pudiera ejecutar comandos... • https://security.nozominetworks.com/NN-2025:2-01 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-32714 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-32714
10 Jun 2025 — This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32714 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-33075 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-33075
10 Jun 2025 — This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33075 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-45055
https://notcve.org/view.php?id=CVE-2025-45055
09 Jun 2025 — This allows attackers to escalate privileges by creating a new administrator account. • https://medium.com/@mingihongkim/privilege-escalation-via-svg-injection-in-silverpeas-6-4-2-b5ab1d5b6955 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2025-29627
https://notcve.org/view.php?id=CVE-2025-29627
09 Jun 2025 — An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric Authentication Module • https://github.com/SahilDabhilkar/CVE-Reference/blob/main/CVE-2025-29627.md • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43026 – HP Support Assistant – Potential Escalation of Privilege
https://notcve.org/view.php?id=CVE-2025-43026
05 Jun 2025 — The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. • https://support.hp.com/us-en/document/ish_12617979-12618008-16/hpsbgn04022 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48961
https://notcve.org/view.php?id=CVE-2025-48961
04 Jun 2025 — Local privilege escalation due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-8000 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1701 – Local Privilege Escalation in MIM Admin Service
https://notcve.org/view.php?id=CVE-2025-1701
04 Jun 2025 — The RMI interface is only accessible locally (listening on 127.0.0.1), limiting the attack vector to the local machine. ... From there, attackers with sufficient knowledge of MIM's implementation, library usage, and functionality with access to extend the MIM RMI library could force the MIM Admin service to run commands on the local machine with its privileges. • https://www.mimsoftware.com/cve-2025-1701 • CWE-20: Improper Input Validation CWE-306: Missing Authentication for Critical Function •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48959
https://notcve.org/view.php?id=CVE-2025-48959
04 Jun 2025 — Local privilege escalation due to insecure file permissions. • https://security-advisory.acronis.com/advisories/SEC-8133 • CWE-276: Incorrect Default Permissions •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31127 – MacOS Zscaler Client Connector Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-31127
04 Jun 2025 — An improper verification of a loaded library in Zscaler Client Connector on Mac < 4.2.0.241 may allow a local attacker to elevate their privileges. • https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2023?applicable_category=macOS&applicable_version=4.2&deployment_date=2023-12-14 • CWE-346: Origin Validation Error •