Total
2550 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3301 | 3 Canonical, Linux, Suse | 3 Ubuntu Linux, Linux Kernel, Linux Enterprise Real Time Extension | 2026-06-16 | 7.2 HIGH | N/A |
| The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression. | |||||
| CVE-2009-2848 | 8 Canonical, Fedoraproject, Linux and 5 more | 13 Ubuntu Linux, Fedora, Linux Kernel and 10 more | 2026-06-16 | 5.9 MEDIUM | N/A |
| The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. | |||||
| CVE-2009-0080 | 1 Microsoft | 2 Windows Server 2008, Windows Vista | 2026-06-16 | 6.9 MEDIUM | N/A |
| The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability." | |||||
| CVE-2008-2931 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2026-06-16 | 7.2 HIGH | 7.8 HIGH |
| The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. | |||||
| CVE-2008-2271 | 1 Site Documentation Project | 1 Site Documentation | 2026-06-16 | 5.0 MEDIUM | N/A |
| The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the "access content" permission to list tables and obtain session IDs from the database. | |||||
| CVE-2007-2444 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2026-06-16 | 7.2 HIGH | N/A |
| Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user. | |||||
| CVE-2006-4243 | 1 Linux-vserver | 1 Linux-vserver | 2026-06-16 | 10.0 HIGH | 9.8 CRITICAL |
| linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code. | |||||
| CVE-2004-1349 | 2 Gnu, Oracle | 2 Gzip, Solaris | 2026-06-16 | 2.1 LOW | N/A |
| gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. | |||||
| CVE-2002-0367 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-06-16 | 7.2 HIGH | 7.8 HIGH |
| smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. | |||||
| CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2026-06-16 | 2.1 LOW | N/A |
| rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | |||||
| CVE-2002-0049 | 1 Microsoft | 1 Exchange Server | 2026-06-16 | 6.4 MEDIUM | N/A |
| Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. | |||||
| CVE-1999-0084 | 1 Sun | 1 Nfs | 2026-06-16 | 7.2 HIGH | 8.4 HIGH |
| Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. | |||||
| CVE-2026-12313 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-06-16 | N/A | 4.7 MEDIUM |
| Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | |||||
| CVE-2026-12289 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-06-16 | N/A | 8.8 HIGH |
| Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | |||||
| CVE-2026-39118 | 2026-06-16 | N/A | 8.4 HIGH | ||
| An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality. | |||||
| CVE-2024-38487 | 2026-06-16 | N/A | 7.0 HIGH | ||
| api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions. | |||||
| CVE-2026-36213 | 2026-06-16 | N/A | 7.8 HIGH | ||
| An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component. | |||||
| CVE-2025-9912 | 2026-06-16 | N/A | 6.3 MEDIUM | ||
| Nokia SR Linux is vulnerable to a local privilege escalation vulnerability. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privilege. | |||||
| CVE-2026-8176 | 2026-06-16 | N/A | 7.5 HIGH | ||
| The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.5.1. The plugin chains three independent flaws that together allow an authenticated Agent (Agent+) to overwrite a WordPress Administrator's password without ever invoking an Administrator-only API. This makes it possible for authenticated attackers, with Agent access and above, to elevate their privileges to Administrator. | |||||
| CVE-2026-46716 | 2026-06-15 | N/A | 9.9 CRITICAL | ||
| Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleMember user can create a scheduled cron task with Cover=CronCoverAll, Servers=[] and an arbitrary Command. At every tick of the scheduler, the dashboard pushes that command to every server in the global ServerShared map — including servers that belong to other tenants (admin's servers, other members' servers). Each agent runs the command and returns the output, which is then sent to the attacker's own NotificationGroup → attacker-controlled webhook. This issue has been patched in version 2.0.8. | |||||