Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-269

CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,829 vulnerabilities with CWE-269

CVE-2024-49742 HIGH

NotificationAccessConfirmationActivity - Privilege Escalation

CVE-2024-55954 HIGH

OpenObserve < 0.14.1 - Authenticated Privilege Escalation via User Removal Endpoint

CVE-2024-9636 CRITICAL

Post Grid and Gutenberg Blocks <2.3.3 - Privilege Escalation

CVE-2024-12398 HIGH

Zyxel NWA/WA/WAX Firmware Authenticated Privilege Escalation via Config Upload

CVE-2024-11128 HIGH

Bitdefender Virus Scanner < 3.18 - Unauthenticated .dynamic Library Injection via DYLD Injection

CVE-2024-53706 HIGH

Gen7 SonicOS Cloud - Privilege Escalation

CVE-2024-56447 HIGH

Window Management Module - Info Disclosure

CVE-2024-55632 HIGH

Trend Micro Apex One < 14.0.14203 and < 2019.13140 - Local Privilege Escalation via Security Agent Link Following

CVE-2024-55631 HIGH

Trend Micro Apex One < 14.0.14203 and < 2019.13140 - Privilege Escalation via Engine Link Following

CVE-2024-13058 MEDIUM

SoftIron HyperCloud <2.5.0 - Privilege Escalation

CVE-2024-56335 HIGH

vaultwarden < 1.32.7 - Authenticated Privilege Escalation and Denial of Service via Group Manipulation

CVE-2024-12786 HIGH

X1a0He Adobe Downloader <1.3.1 - Privilege Escalation

CVE-2024-38499 HIGH

CA Client Automation - Info Disclosure

CVE-2024-55949 CRITICAL

MinIO >= RELEASE.2022-06-25T15-50-16Z < RELEASE.2024-12-13T22-19-12Z - Privilege Escalation via IAM Import API

CVE-2024-11721 HIGH

Frontend Admin by DynamiApps <3.24.5 - Privilege Escalation

CVE-2024-49035 HIGH KEV

Partner.Microsoft.com - Unauthenticated Privilege Escalation

CVE-2024-52336 HIGH

Fast Datapath for Red Hat Enterprise Linux - Privilege Escalation via Tuned D-Bus instance_create Function

CVE-2024-38830 HIGH

VMware Aria Operations 8.0-8.18.1 - Local Privilege Escalation to Root

CVE-2024-9941 HIGH

WPGYM - Wordpress Gym Management System <67.1.0 - Privilege Escalation

CVE-2024-31141 MEDIUM

Apache Kafka Clients - Improper Privilege Management

CVE-2024-52926 MEDIUM

Delinea Privilege Manager <12.0.2 - Privilege Escalation

CVE-2024-9192 HIGH

WordPress Video Robot - Privilege Escalation

CVE-2024-52516 LOW

Nextcloud Server 26.0.0-26.0.13.8 and 28.0.0-28.0.8 - Improper Privilege Management

CVE-2024-8068 HIGH KEV

Citrix Session Recording - Privilege Escalation

CVE-2024-49558 HIGH

Dell SmartFabric OS10 Software <10.5.6 - Privilege Escalation

Previous Page 28 of 114 Next

Details

Vulnerabilities 2,829

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy