Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-266

CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

926 vulnerabilities with CWE-266

CVE-2024-27453 HIGH

Extreme XOS <22.6.1.4 - Privilege Escalation

CVE-2024-31760 MEDIUM

flipped-aurora gin-vue-admin <2.4 - Privilege Escalation

CVE-2024-2409 CRITICAL

MasterStudy LMS <3.3.1 - Privilege Escalation

CVE-2024-3013 MEDIUM

FLIR AX8 Firmware < 1.46.16 - Improper Authorization via User Registration

CVE-2024-20320 HIGH

Cisco IOS XR - Privilege Escalation

CVE-2024-23288 HIGH

iPadOS < 17.4 - Privilege Escalation

CVE-2024-25083 MEDIUM

BeyondTrust Privilege Management <24.1 - Privilege Escalation

CVE-2024-23976 MEDIUM

F5 BIG-IP and BIG-IQ - Authenticated Privilege Escalation via iAppsLX Template Bypass

CVE-2023-26280 MEDIUM

IBM Jazz Foundation <7.0.3 - Info Disclosure

CVE-2023-7270 MEDIUM

SoftMaker Office/FreOffice <1214 - Local Privilege Escalation

CVE-2023-38298 HIGH

TCL 30Z A3X 20XE 10L - Unauthenticated IMEI Leak via System Property

CVE-2023-38296 HIGH

TCL 30Z and A3X - Unauthenticated ICCID Exposure via System Property

CVE-2023-50437 HIGH

Couchbase Server < 7.2.4 - Incorrect Privilege Assignment via otpCookie Exposure

CVE-2023-6477 MEDIUM

GitLab EE <16.7.6-16.8.3-16.9.1 - Privilege Escalation

CVE-2023-40109 HIGH

Android - Local Privilege Escalation via UsbConfiguration Parcel Handling

CVE-2023-6815 MEDIUM

Mitsubishielectric R08sfcpu Firmware - Incorrect Privilege Assignment

CVE-2023-5080 MEDIUM

Lenovo Tablet - Privilege Escalation

CVE-2023-49647 HIGH

Zoom Desktop Client, VDI Client, and SDKs for Windows < 5.16.10 - Authenticated Privilege Escalation via Local Access

CVE-2023-47140 MEDIUM

IBM CICS Transaction Gateway 9.3 - Unauthorized File Access via Improper Access Controls

CVE-2023-29066 LOW

FACSChorus - Improper Privilege Management in Local Application Data Folders

CVE-2023-6009 HIGH

UserPro WordPress <5.1.4 - Privilege Escalation

CVE-2023-5913 HIGH

Fortify ScanCentral DAST 21.1-23.1 - Incorrect Privilege Assignment

CVE-2023-5077 HIGH

HashiCorp Vault < 1.13.0 - Incorrect Privilege Assignment in Google Cloud Secrets Engine

CVE-2023-3775 MEDIUM

Vault 0.11.0-1.13.7 - Denial of Service via Sentinel Role Governing Policy

CVE-2023-4153 HIGH

BAN Users < 1.5.3 - Authenticated Privilege Escalation via Missing Capability Check

Previous Page 33 of 38 Next

Details

Vulnerabilities 926

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy