ReportizFlow
Filtered by vendor
Subscriptions
Total
2686 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22165 | 1 Atlassian | 1 Sourcetree | 2026-02-26 | 7.3 High |
| This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8 of Sourcetree for Mac. This ACE (Arbitrary Code Execution) vulnerability, with a CVSS Score of 5.9, allows a locally authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Sourcetree for Mac users upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://www.sourcetreeapp.com/download-archives . You can download the latest version of Sourcetree for Mac from the download center https://www.sourcetreeapp.com/download-archives . This vulnerability was found through the Atlassian Bug Bounty Program by Karol Mazurek (AFINE). | ||||
| CVE-2025-26513 | 1 Netapp | 2 San Host Utilities, Windows Host Utilities | 2026-02-26 | 7 High |
| The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a vulnerability which when successfully exploited could allow a local user to escalate their privileges. | ||||
| CVE-2025-36890 | 1 Google | 1 Android | 2026-02-26 | 9.8 Critical |
| Elevation of Privilege | ||||
| CVE-2025-36891 | 1 Google | 1 Android | 2026-02-26 | 8.8 High |
| Elevation of privilege | ||||
| CVE-2025-36896 | 1 Google | 1 Android | 2026-02-26 | 9.8 Critical |
| WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-394765106. | ||||
| CVE-2025-36901 | 1 Google | 2 Android, Pixel | 2026-02-26 | 8.8 High |
| WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396462223. | ||||
| CVE-2025-36904 | 1 Google | 1 Android | 2026-02-26 | 9.8 Critical |
| WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396458384. | ||||
| CVE-2025-26435 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26462 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In AccessibilityServiceConnection.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-32345 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-43722 | 1 Dell | 1 Powerscale Onefs | 2026-02-26 | 6.7 Medium |
| Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | ||||
| CVE-2025-10578 | 1 Hp | 2 Hp, Support Assistant | 2026-02-26 | 7.8 High |
| A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. | ||||
| CVE-2025-46364 | 1 Dell | 1 Cloudlink | 2026-02-26 | 9.1 Critical |
| Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system. | ||||
| CVE-2025-12726 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-02-26 | 7.5 High |
| Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-24307 | 1 Intel | 2 Cip Software, Computing Improvement Program | 2026-02-26 | 2 Low |
| Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data manipulation. This result may potentially occur via network access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-24838 | 1 Intel | 2 Cip Software, Computing Improvement Program | 2026-02-26 | 8.8 High |
| Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via network access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-59514 | 1 Microsoft | 26 Windows 10, Windows 10 1607, Windows 10 1809 and 23 more | 2026-02-26 | 7.8 High |
| Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-20346 | 1 Cisco | 2 Catalyst Center, Digital Network Architecture Center | 2026-02-26 | 4.3 Medium |
| A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. | ||||
| CVE-2025-40548 | 2 Microsoft, Solarwinds | 2 Windows, Serv-u | 2026-02-26 | 9.1 Critical |
| A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default. | ||||
| CVE-2025-48982 | 2 Microsoft, Veeam | 4 Windows, Agent, Veeam and 1 more | 2026-02-26 | 7.8 High |
| This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation if a system administrator is tricked into restoring a malicious file. | ||||