Total
2606 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-0751 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | |||||
| CVE-2024-0622 | 1 Microfocus | 1 Operations Agent | 2026-06-17 | N/A | 8.8 HIGH |
| Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation. | |||||
| CVE-2024-0439 | 1 Mintplexlabs | 1 Anythingllm | 2026-06-17 | N/A | 8.8 HIGH |
| As a manager, you should not be able to modify a series of settings. In the UI this is indeed hidden as a convenience for the role since most managers would not be savvy enough to modify these settings. They can use their token to still modify those settings though through a standard HTTP request While this is not a critical vulnerability, it does indeed need to be patched to enforce the expected permission level. | |||||
| CVE-2024-0353 | 1 Eset | 9 Endpoint Antivirus, Endpoint Security, File Security and 6 more | 2026-06-17 | N/A | 7.8 HIGH |
| Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. | |||||
| CVE-2024-0197 | 2 Microsoft, Thalesgroup | 2 Windows, Sentinel Hasp Ldk | 2026-06-17 | N/A | 7.8 HIGH |
| A flaw in the installer for Thales SafeNet Sentinel HASP LDK prior to 9.16 on Windows allows an attacker to escalate their privilege level via local access. | |||||
| CVE-2024-0172 | 1 Dell | 186 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 183 more | 2026-06-17 | N/A | 7.9 HIGH |
| Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation. | |||||
| CVE-2024-0097 | 2 Microsoft, Nvidia | 2 Windows, Chatrtx | 2026-06-17 | N/A | 7.5 HIGH |
| NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering. | |||||
| CVE-2024-0096 | 2 Microsoft, Nvidia | 2 Windows, Chatrtx | 2026-06-17 | N/A | 7.5 HIGH |
| NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an improper privilege management issue by sending user inputs to change execution flow. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering. | |||||
| CVE-2024-0049 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-0046 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-0024 | 1 Google | 1 Android | 2026-06-17 | N/A | 7.8 HIGH |
| In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2024-0003 | 1 Purestorage | 1 Purity\/\/fa | 2026-06-17 | N/A | 9.1 CRITICAL |
| A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access. | |||||
| CVE-2023-7343 | 2026-06-17 | N/A | 7.8 HIGH | ||
| Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision process. | |||||
| CVE-2023-7342 | 2026-06-17 | N/A | 8.8 HIGH | ||
| HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device. | |||||
| CVE-2023-7241 | 2026-06-17 | N/A | 7.9 HIGH | ||
| Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files. | |||||
| CVE-2023-7090 | 1 Sudo Project | 1 Sudo | 2026-06-17 | N/A | 6.6 MEDIUM |
| A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them. | |||||
| CVE-2023-7016 | 2 Microsoft, Thalesgroup | 2 Windows, Safenet Authentication Client | 2026-06-17 | N/A | 7.8 HIGH |
| A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to execute code at a SYSTEM level via local access. | |||||
| CVE-2023-6804 | 1 Github | 1 Enterprise Server | 2026-06-17 | N/A | 6.5 MEDIUM |
| Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. To exploit this, a workflow must have already existed in the target repo. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | |||||
| CVE-2023-6793 | 1 Paloaltonetworks | 1 Pan-os | 2026-06-17 | N/A | 2.7 LOW |
| An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage. | |||||
| CVE-2023-6740 | 2 Checkmk, Tribe29 | 2 Checkmk, Checkmk | 2026-06-17 | N/A | 8.8 HIGH |
| Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges | |||||