Total
606 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-22914 | 1 Sick | 2 Tdc-x401gl, Tdc-x401gl Firmware | 2026-01-23 | N/A | 4.3 MEDIUM |
| An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system manipulation. | |||||
| CVE-2026-22916 | 1 Sick | 2 Tdc-x401gl, Tdc-x401gl Firmware | 2026-01-23 | N/A | 4.3 MEDIUM |
| An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration. | |||||
| CVE-2025-67279 | 1 Tim-solutions | 1 Tim Flow | 2026-01-22 | N/A | 5.3 MEDIUM |
| An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format | |||||
| CVE-2025-67278 | 1 Tim-solutions | 1 Tim Flow | 2026-01-22 | N/A | 6.5 MEDIUM |
| An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request | |||||
| CVE-2025-13888 | 2026-01-22 | N/A | 9.1 CRITICAL | ||
| A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged workloads that run on master nodes, effectively giving them root access to the entire cluster. | |||||
| CVE-2024-31771 | 1 Totalav | 1 Totalav | 2026-01-21 | N/A | 7.8 HIGH |
| Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file | |||||
| CVE-2024-27460 | 1 Hp | 1 Poly Plantronics Hub | 2026-01-21 | N/A | 6.7 MEDIUM |
| A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below. | |||||
| CVE-2018-25148 | 1 Microhardcorp | 22 Bullet-3g, Bullet-3g Firmware, Bullet-lte and 19 more | 2026-01-21 | N/A | 8.8 HIGH |
| Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interface that allow attackers to create crontab jobs and modify system startup scripts. Attackers can exploit hidden admin features to execute arbitrary commands with root privileges, including starting services, disabling firewalls, and writing files to the system. | |||||
| CVE-2025-6325 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
| Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king-addons allows Privilege Escalation.This issue affects King Addons for Elementor: from n/a through <= 51.1.36. | |||||
| CVE-2025-64188 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
| Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege Escalation.This issue affects Soledad: from n/a through <= 8.6.9. | |||||
| CVE-2025-62034 | 2026-01-20 | N/A | 8.8 HIGH | ||
| Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. | |||||
| CVE-2025-62007 | 2026-01-20 | N/A | 8.8 HIGH | ||
| Incorrect Privilege Assignment vulnerability in bPlugins Voice Feedback voice-feedback allows Privilege Escalation.This issue affects Voice Feedback: from n/a through <= 1.0.3. | |||||
| CVE-2025-60243 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
| Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46. | |||||
| CVE-2025-60222 | 2026-01-20 | N/A | 8.8 HIGH | ||
| Incorrect Privilege Assignment vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Privilege Escalation.This issue affects SUMO Memberships for WooCommerce: from n/a through <= 7.6.0. | |||||
| CVE-2025-60220 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
| Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through <= 3.0.0. | |||||
| CVE-2025-60211 | 2026-01-20 | N/A | 8.8 HIGH | ||
| Incorrect Privilege Assignment vulnerability in extendons WooCommerce Registration Fields Plugin - Custom Signup Fields extendons-registration-fields allows Privilege Escalation.This issue affects WooCommerce Registration Fields Plugin - Custom Signup Fields: from n/a through <= 3.2.3. | |||||
| CVE-2025-60195 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
| Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Privilege Escalation.This issue affects Atarim: from n/a through <= 4.2. | |||||
| CVE-2025-59580 | 2026-01-20 | N/A | 8.8 HIGH | ||
| Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through < 2.1.7. | |||||
| CVE-2025-59134 | 2026-01-20 | N/A | 8.8 HIGH | ||
| Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through <= 1.5.8. | |||||
| CVE-2025-58710 | 2026-01-20 | N/A | 8.6 HIGH | ||
| Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through <= 1.4.0. | |||||