CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-45737
https://notcve.org/view.php?id=CVE-2025-45737
27 Jun 2025 — ., Ltd NeacSafe64 Driver before v1.0.0.8 allows attackers to escalate privileges via sending crafted IOCTL commands to the NeacSafe64.sys component. • https://github.com/za233/NeacController • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2025-36537 – Incorrect Permission Assignment for Critical Resource in TeamViewer Remote Management
https://notcve.org/view.php?id=CVE-2025-36537
24 Jun 2025 — Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. ... This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer. ... An attacker can leverage this vulnerability to escalate privi... • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1002 • CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 7CVE-2025-49144 – Notepad++ Privilege Escalation in Installer via Uncontrolled Executable Search Path
https://notcve.org/view.php?id=CVE-2025-49144
23 Jun 2025 — In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. • https://github.com/assad12341/notepad-v8.8.1-LPE-CVE- • CWE-272: Least Privilege Violation CWE-276: Incorrect Default Permissions CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47031
https://notcve.org/view.php?id=CVE-2023-47031
23 Jun 2025 — An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component. • http://ncr.com • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24287 – Veeam Agent for Microsoft Windows Incorrect Default Permissions Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-24287
18 Jun 2025 — A vulnerability allowing local system users to modify directory contents, allowing for arbitrary code execution on the local system with elevated permissions. This vulnerability allows local attackers to escalate privileges on affected installations of Veeam Agent for Microsoft Windows. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://www.veeam.com/kb4743 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 5CVE-2025-6018 – Pam-config: lpe from unprivileged to allow_active in pam
https://notcve.org/view.php?id=CVE-2025-6018
18 Jun 2025 — A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. • https://packetstorm.news/files/id/207433 • CWE-863: Incorrect Authorization •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0320 – Citrix Secure Access - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges
https://notcve.org/view.php?id=CVE-2025-0320
17 Jun 2025 — Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows • https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694724 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4879 – Citrix Workspace App for Windows - Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges
https://notcve.org/view.php?id=CVE-2025-4879
17 Jun 2025 — Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows • https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694718 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-49384 – Trend Micro Internet Security Platinum Host Service Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-49384
17 Jun 2025 — Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Internet Security. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitra... • https://helpcenter.trendmicro.com/en-us/article/TMKA-11112 • CWE-64: Windows Shortcut Following (.LNK) •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 5CVE-2025-6019 – Libblockdev: lpe from allow_active to root in libblockdev via udisks
https://notcve.org/view.php?id=CVE-2025-6019
17 Jun 2025 — A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. ... Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. ... A local attacker with an active session on the console can use this issue to escalate their pri... • https://packetstorm.news/files/id/207433 • CWE-250: Execution with Unnecessary Privileges •