CWE-250

Medium likelihood

Execution with Unnecessary Privileges

Parent: CWE-269 - Improper Privilege Management

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

303 vulnerabilities with CWE-250
CVE-2025-57119 CRITICAL
Online Library Management System <3.0 - Privilege Escalation
CVSS 9.8
CVE-2025-42958 CRITICAL
SAP NetWeaver - Info Disclosure
CVSS 9.1
CVE-2025-0080 HIGH
Google Android Tapjacking/Overlay Attack - Privilege Escalation
CVSS 7.8
CVE-2025-0079 HIGH
Multiple Locations - Privilege Escalation
CVSS 7.8
CVE-2025-0078 HIGH
Google Android SELinux Bypass - Privilege Escalation
CVSS 8.8
CVE-2025-50753 HIGH
Mitrastar GPT-2741GNAC-N2 - Command Injection
CVSS 8.4
CVE-2025-33120 HIGH
IBM QRadar SIEM <7.5.0 UP13 - Privilege Escalation
CVSS 7.8
CVE-2025-21110 MEDIUM
Dell Data Lakehouse < 1.5.0.0 - Denial of Service
CVSS 6.7
CVE-2025-8907 HIGH
H3C M2 NAS V100R006 - Privilege Escalation
CVSS 7.0
CVE-2025-40767 HIGH
SINEC Traffic Analyzer <V3.0 - Privilege Escalation
CVSS 7.8
CVE-2025-3892 MEDIUM
Axis OS < 12.5.31 - Privilege Escalation
CVSS 6.7
CVE-2025-42943 MEDIUM
SAP GUI for Windows - Info Disclosure
CVSS 4.5
CVE-2025-55077 HIGH
Tyler Technologies ERP Pro 9 SaaS - Command Injection
CVSS 7.4
CVE-2025-33109 HIGH
IBM i <7.7 - Privilege Escalation
CVSS 7.5
CVE-2025-43487 MEDIUM
Poly Clariti Manager <10.12.2 - Privilege Escalation
CVSS 6.8
CVE-2025-46116 HIGH
CommScope Ruckus Unleashed <200.15.6.212.14, 200.17.7.0.139 - Privi...
CVSS 8.8
CVE-2025-24331 MEDIUM
Single RAN baseband - Privilege Escalation
CVSS 6.4
CVE-2025-6019 HIGH
libblockdev - Privilege Escalation
CVSS 7.0
CVE-2025-36048 HIGH
IBM webMethods Integration Server <10.15 - Privilege Escalation
CVSS 7.2
CVE-2025-1411 HIGH
IBM Security Verify Directory Container <10.0.3.1 - Privilege Escal...
CVSS 7.8
CVE-2025-33108 HIGH
IBM Backup, Recovery and Media Services for i 7.4-7.5 - Privilege E...
CVSS 8.5
CVE-2025-49581 HIGH
XWiki - RCE
CVSS 8.8
CVE-2025-5196 MEDIUM
Wing FTP Server <7.4.3 - Privilege Escalation
CVSS 6.6
CVE-2025-33103 HIGH
IBM TCP/IP Connectivity Utilities - Privilege Escalation
CVSS 8.5
CVE-2025-0921 MEDIUM
Mitsubishi Electric GENESIS64 <all - Privilege Escalation
CVSS 6.5
Details
Vulnerabilities 303
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits