Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-267

CWE-267

Privilege Defined With Unsafe Actions

Parent: CWE-269 - Improper Privilege Management

A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.

64 vulnerabilities with CWE-267

CVE-2025-7691 MEDIUM

GitLab EE <18.2.7-<18.3.3-<18.4.1 - Privilege Escalation

CVE-2025-26467 HIGH

Apache Cassandra <4.0.16 - Privilege Escalation

CVE-2025-47811 MEDIUM

Wing FTP Server <= 7.4.4 - Authenticated Privilege Escalation via Administrative Web Interface

CVE-2025-7030 MEDIUM

Drupal TFA <1.11.0 - Privilege Escalation

CVE-2025-2903 HIGH

Google Cloud Platform - Privilege Escalation

CVE-2025-23015 HIGH

Apache Cassandra <4.1.8 - Privilege Escalation

CVE-2024-55968 HIGH

DTX DEC-M <6.1.1 - Privilege Escalation

CVE-2024-9842 HIGH

Ivanti Secure Access Client < 22.7R4 - Authenticated Arbitrary Folder Creation via Incorrect Permissions

CVE-2024-8539 HIGH

Ivanti Secure Access Client <22.7R3 - Privilege Escalation

CVE-2024-7571 HIGH

Ivanti Secure Access Client <22.7R4 - Privilege Escalation

CVE-2024-47906 HIGH

Ivanti Connect Secure <22.7R2.3 - Privilege Escalation

CVE-2024-8631 MEDIUM

GitLab 16.6-17.1.6, 17.2-17.2.4, 17.3-17.3.1 - Privilege Escalation via Admin Group Member Role

CVE-2024-5623 HIGH

B&R APROL <= R 4.4-00P3 - Privilege Escalation

CVE-2024-5622 HIGH

B&R APROL <4.2.07P3, <4.4-00P3 - Privilege Escalation

CVE-2024-20411 MEDIUM

Cisco NX-OS Software - Privilege Escalation

CVE-2024-42365 HIGH

Asterisk < 18.24.2 - Remote Code Execution

CVE-2024-39866 HIGH

SINEMA Remote Connect Server <V3.2 SP1 - Privilege Escalation

CVE-2024-32901 HIGH

Android - Local Privilege Escalation via v4l2_smfc_qbuf Bounds Check Bypass

CVE-2023-28049 MEDIUM

Dell Command | Monitor < 10.9.1 - Authenticated Arbitrary Folder Deletion

CVE-2023-41966 MEDIUM

Sielco Analog FM Transmitter Firmware - Privilege Escalation via HTTP POST Parameter

CVE-2023-43746 HIGH

F5 BIG-IP - Authenticated Privilege Escalation via External Monitor Bypass

CVE-2023-44218 HIGH

SonicWall NetExtender < 10.2.336 - Unauthenticated Local Privilege Escalation via Pre-Logon Feature

CVE-2023-32457 HIGH

Dell PowerScale OneFS 9.2.1.0-9.2.1.21 and 9.5.0.0-9.5.0.2 - Privilege Escalation

CVE-2023-22647 CRITICAL

SUSE Rancher - Privilege Escalation

CVE-2023-2983 HIGH

pimcore/pimcore <10.5.23 - Privilege Escalation

Previous Page 2 of 3 Next

Details

Vulnerabilities 64

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy