CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47031
https://notcve.org/view.php?id=CVE-2023-47031
23 Jun 2025 — An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component. • http://ncr.com • CWE-284: Improper Access Control •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-36048 – IBM webMethods Integration Sever code execution
https://notcve.org/view.php?id=CVE-2025-36048
18 Jun 2025 — IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges. • https://www.ibm.com/support/pages/node/7237144 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0320 – Citrix Secure Access - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges
https://notcve.org/view.php?id=CVE-2025-0320
17 Jun 2025 — Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows • https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694724 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4879 – Citrix Workspace App for Windows - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges
https://notcve.org/view.php?id=CVE-2025-4879
17 Jun 2025 — Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows • https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694718 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-49384 – Trend Micro Internet Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-49384
17 Jun 2025 — Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Internet Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/TMKA-11112 • CWE-64: Windows Shortcut Following (.LNK) •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 4CVE-2025-6019 – Libblockdev: lpe from allow_active to root in libblockdev via udisks
https://notcve.org/view.php?id=CVE-2025-6019
17 Jun 2025 — A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. ... Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. ... This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system. ... A local attacker with an active session on the console can use thi... • https://github.com/guinea-offensive-security/CVE-2025-6019 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36632 – Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-36632
16 Jun 2025 — In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute code with SYSTEM privilege. • https://www.tenable.com/security/tns-2025-11 • CWE-276: Incorrect Default Permissions •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36631 – Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-36631
13 Jun 2025 — In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege. • https://www.tenable.com/security/tns-2025-11 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36633 – Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-36633
13 Jun 2025 — In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation. • https://www.tenable.com/security/tns-2025-11 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-49385 – Trend Micro Maximum Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-49385
13 Jun 2025 — Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://helpcenter.trendmicro.com/en-us/article/TMKA-18461 • CWE-64: Windows Shortcut Following (.LNK) •