Total
2608 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42468 | 1 Azmobileapps | 1 Color Phone | 2026-06-17 | N/A | 5.3 MEDIUM |
| The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to initiate phone calls without user consent, because of improper export of the com.cutestudio.dialer.activities.DialerActivity component. A third-party application (without any permissions) can craft an intent targeting com.cutestudio.dialer.activities.DialerActivity via the android.intent.action.CALL action in conjunction with a tel: URI, thereby placing a phone call. | |||||
| CVE-2023-41966 | 1 Sielco | 30 Analog Fm Transmitter Exc1000gt, Analog Fm Transmitter Exc1000gt Firmware, Analog Fm Transmitter Exc1000gx and 27 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter. | |||||
| CVE-2023-41957 | 1 Simple-membership-plugin | 1 Simple Membership | 2026-06-17 | N/A | 8.6 HIGH |
| Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through 4.3.4. | |||||
| CVE-2023-41955 | 1 Wpdeveloper | 1 Essential Addons For Elementor | 2026-06-17 | N/A | 8.8 HIGH |
| Improper Privilege Management vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.This issue affects Essential Addons for Elementor: from n/a through 5.8.8. | |||||
| CVE-2023-41954 | 1 Properfraction | 1 Profilepress | 2026-06-17 | N/A | 8.6 HIGH |
| Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1. | |||||
| CVE-2023-41776 | 1 Zte | 1 Zxcloud Irai | 2026-06-17 | N/A | 6.7 MEDIUM |
| There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular user privileges can create a fake process, and to escalate local privileges. | |||||
| CVE-2023-41743 | 2 Acronis, Microsoft | 4 Agent, Cyber Protect, Cyber Protect Home Office and 1 more | 2026-06-17 | N/A | 7.8 HIGH |
| Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278, Acronis Cyber Protect Cloud Agent (Windows) before build 31637, Acronis Cyber Protect 15 (Windows) before build 35979, Acronis True Image OEM (Windows) before build 42575. | |||||
| CVE-2023-41715 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2026-06-17 | N/A | 8.8 HIGH |
| SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel. | |||||
| CVE-2023-41665 | 1 Givewp | 1 Givewp | 2026-06-17 | N/A | 8.8 HIGH |
| Improper Privilege Management vulnerability in GiveWP allows Privilege Escalation.This issue affects GiveWP: from n/a through 2.33.0. | |||||
| CVE-2023-41301 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 7.5 HIGH |
| Vulnerability of unauthorized API access in the PMS module. Successful exploitation of this vulnerability may cause features to perform abnormally. | |||||
| CVE-2023-41243 | 1 Wpvivid | 1 Migration\, Backup\, Staging | 2026-06-17 | N/A | 8.8 HIGH |
| Improper Privilege Management vulnerability in WPvivid Team WPvivid Backup and Migration allows Privilege Escalation.This issue affects WPvivid Backup and Migration: from n/a through 0.9.90. | |||||
| CVE-2023-41138 | 1 Appsanywhere | 1 Appsanywhere Client | 2026-06-17 | N/A | 7.5 HIGH |
| The AppsAnywhere macOS client-privileged helper can be tricked into executing arbitrary commands with elevated permissions by a local user process. | |||||
| CVE-2023-41119 | 1 Enterprisedb | 1 Postgres Advanced Server | 2026-06-17 | N/A | 8.8 HIGH |
| An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It contains the function _dbms_aq_move_to_exception_queue that may be used to elevate a user's privileges to superuser. This function accepts the OID of a table, and then accesses that table as the superuser by using SELECT and DML commands. | |||||
| CVE-2023-41099 | 1 Atos | 1 Eviden Cardos Api | 2026-06-17 | N/A | 7.8 HIGH |
| In the Windows installer in Atos Eviden CardOS API before 5.5.5.2811, Local Privilege Escalation can occur.(from a regular user to SYSTEM). | |||||
| CVE-2023-41076 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 7.3 HIGH |
| An app may be able to elevate privileges. This issue is fixed in macOS 14. This issue was addressed by removing the vulnerable code. | |||||
| CVE-2023-41053 | 1 Redis | 1 Redis | 2026-06-17 | N/A | 3.3 LOW |
| Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been fixed in Redis 7.0.13 and 7.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-41036 | 1 Macvim | 1 Macvim | 2026-06-17 | N/A | 7.8 HIGH |
| Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an insecure interprocess communication (IPC) mechanism which could lead to a privilege escalation. Distributed objects are a concept introduced by Apple which allow one program to vend an interface to another program. What is not made clear in the documentation is that this service can vend this interface to any other program on the machine. The impact of exploitation is a privilege escalation to root - this is likely to affect anyone who is not careful about the software they download and use MacVim to edit files that would require root privileges. Version 178 contains a fix for this issue. | |||||
| CVE-2023-40918 | 1 Knowstreaming Project | 1 Knowstreaming | 2026-06-17 | N/A | 8.8 HIGH |
| KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users can create a new user with an admin role. | |||||
| CVE-2023-40686 | 1 Ibm | 1 I | 2026-06-17 | N/A | 4.9 MEDIUM |
| Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system. IBM X-Force ID: 264114. | |||||
| CVE-2023-40685 | 1 Ibm | 1 I | 2026-06-17 | N/A | 7.4 HIGH |
| Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Force ID: 264116. | |||||