CWE-250

Medium likelihood

Execution with Unnecessary Privileges

Parent: CWE-269 - Improper Privilege Management

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

326 vulnerabilities with CWE-250
CVE-2023-6006 HIGH
PaperCut MF and NG < 23.0.1 - Privilege Escalation via Unsecured Executable Load in pc-pdl-to-image
CVSS 7.8
CVE-2023-43018 MEDIUM
IBM CICS TX Standard <11.1, Advanced <10.1.11.1 - Privilege Escalation
CVSS 5.9
CVE-2023-27313 HIGH
SnapCenter <4.9 - Privilege Escalation
CVSS 8.3
CVE-2023-27312 MEDIUM
SnapCenter Plugin for VMware vSphere <4.9 - Privilege Escalation
CVSS 5.4
CVE-2023-1943 HIGH
kOps <GCE/GCP Provider - Privilege Escalation
CVSS 8.0
CVE-2023-5207 HIGH
GitLab CE/EE <16.2.8-16.4.1 - Authenticated RCE
CVSS 8.2
CVE-2023-4003 HIGH
One Identity Password Manager <5.9.7.1 - Privilege Escalation
CVSS 7.6
CVE-2023-4662 CRITICAL
Adobe Connect < 9.0 - Remote Code Inclusion via Unnecessary Privileges
CVSS 9.8
CVE-2023-4814 HIGH
Trellix Windows DLP - Privilege Escalation
CVSS 7.1
CVE-2023-31175 HIGH
SEL-5037 SEL Grid Configurator <4.5.0.20 - Privilege Escalation
CVSS 8.8
CVE-2023-20217 MEDIUM
Cisco ThousandEyes Enterprise Agent - Privilege Escalation
CVSS 5.5
CVE-2023-32486 MEDIUM
Dell PowerScale OneFS 9.5.0.0-9.5.0.3 - Privilege Escalation
CVSS 6.7
CVE-2023-38641 HIGH
SICAM TOOLBOX II <V07.10 - Privilege Escalation
CVSS 7.8
CVE-2023-39508 HIGH
Apache Airflow < 2.6.0 - Authenticated Privilege Escalation and DAG Access Bypass via Run Task Feature
CVSS 8.8
CVE-2023-39261 MEDIUM
JetBrains IntelliJ IDEA <2023.2 - Privilege Escalation
CVSS 5.2
CVE-2023-20210 MEDIUM
Cisco BroadWorks - Privilege Escalation
CVSS 6.0
CVE-2023-34118 HIGH
Zoom Rooms for Windows <5.14.5 - Privilege Escalation
CVSS 7.3
CVE-2023-25521 HIGH
NVIDIA DGX A100/A800 Firmware < 1.21 - Privilege Escalation via SBIOS Input Parameter Validation
CVSS 7.5
CVE-2023-2002 MEDIUM
Linux Kernel < 6.4 - Unauthorized Bluetooth Management Command Execution via HCI Sockets
CVSS 6.8
CVE-2023-32080 CRITICAL
Wings <1.7.5 & 1.11.0 <1.11.6 - Code Injection
CVSS 9.0
CVE-2023-1966 HIGH
Instruments with Illumina Universal Copy Service v1.x-v2.x - Privil...
CVSS 7.4
CVE-2023-0664 HIGH
QEMU Guest Agent - Privilege Escalation
CVSS 7.8
CVE-2023-27247 MEDIUM
Cynet Client Agent <4.6.0.8010 - Privilege Escalation
CVSS 4.4
CVE-2023-27010 HIGH
Wondershare Dr.Fone <12.9.6 - Privilege Escalation
CVSS 7.8
CVE-2022-38695 HIGH
Unisoc SC9863A/T310/T610/T618/T606/T612/T616/T760/T770/T820/S8000 - Local Privilege Escalation via BootRom Command Index
CVSS 7.8
Details
Vulnerabilities 326
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits