CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-269

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-34008 269 2022-06-21 2022-06-28
7.2
None Local Low Not required Complete Complete Complete
Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder.
2 CVE-2022-32272 269 2022-06-09 2022-06-21
7.5
None Remote Low Not required Partial Partial Partial
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.
3 CVE-2022-31496 269 2022-06-09 2022-06-17
9.0
None Remote Low ??? Complete Complete Complete
LibreHealth EHR Base 2.0.0 allows incorrect interface/super/manage_site_files.php access.
4 CVE-2022-31464 269 2022-06-16 2022-06-28
7.2
None Local Low Not required Complete Complete Complete
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path.
5 CVE-2022-31267 269 2022-05-21 2022-06-07
7.5
None Remote Low Not required Partial Partial Partial
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "#admin"' value.
6 CVE-2022-31219 269 2022-06-15 2022-06-24
7.2
None Local Low Not required Complete Complete Complete
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
7 CVE-2022-31218 269 2022-06-15 2022-06-24
7.2
None Local Low Not required Complete Complete Complete
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
8 CVE-2022-31217 269 2022-06-15 2022-06-24
7.2
None Local Low Not required Complete Complete Complete
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
9 CVE-2022-31216 269 2022-06-15 2022-06-24
7.2
None Local Low Not required Complete Complete Complete
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
10 CVE-2022-31214 269 +Priv 2022-06-09 2022-06-23
7.2
None Local Low Not required Complete Complete Complete
A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo.
11 CVE-2022-30804 269 2022-06-02 2022-06-10
5.5
None Remote Low ??? None Partial Partial
elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=.
12 CVE-2022-30743 269 2022-06-07 2022-06-11
5.0
None Remote Low Not required Partial None None
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.
13 CVE-2022-30739 269 2022-06-07 2022-06-11
4.0
None Remote Low ??? Partial None None
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number with a normal level permission.
14 CVE-2022-30736 269 2022-06-07 2022-06-11
5.0
None Remote Low Not required Partial None None
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.
15 CVE-2022-30735 269 2022-06-07 2022-06-11
5.0
None Remote Low Not required Partial None None
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission.
16 CVE-2022-30695 269 2022-05-16 2022-05-24
4.6
None Local Low Not required Partial Partial Partial
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640
17 CVE-2022-30688 269 2022-05-17 2022-05-25
4.6
None Local Low Not required Partial Partial Partial
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
18 CVE-2022-30610 269 2022-06-10 2022-06-17
3.5
None Remote Medium ??? None Partial None
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it. An administrator could enter a link to a malicious URL that another administrator could then click. Once clicked, that malicious URL could then rewrite the original page with a phishing page. IBM X-Force ID: 227363.
19 CVE-2022-30154 269 2022-06-15 2022-06-24
2.1
None Remote High ??? None Partial None
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability.
20 CVE-2022-30151 269 2022-06-15 2022-06-27
4.4
None Local Medium Not required Partial Partial Partial
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.
21 CVE-2022-30150 269 2022-06-15 2022-06-25
6.8
None Remote Medium Not required Partial Partial Partial
Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability.
22 CVE-2022-29849 269 2022-05-02 2022-05-10
7.2
None Local Low Not required Complete Complete Complete
In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system.
23 CVE-2022-29333 269 2022-05-24 2022-06-07
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file.
24 CVE-2022-29179 269 2022-05-20 2022-06-03
7.2
None Local Low Not required Complete Complete Complete
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium's Kubernetes service account. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. There are no known workarounds available.
25 CVE-2022-29125 269 2022-05-10 2022-05-23
4.4
None Local Medium Not required Partial Partial Partial
Windows Push Notifications Apps Elevation of Privilege Vulnerability.
26 CVE-2022-27659 269 2022-05-05 2022-05-13
4.0
None Remote Low ??? None Partial None
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface (TMUI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
27 CVE-2022-27421 269 2022-04-15 2022-04-25
6.5
None Remote Low ??? Partial Partial Partial
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin.
28 CVE-2022-26938 269 2022-05-10 2022-05-19
4.4
None Local Medium Not required Partial Partial Partial
Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26932, CVE-2022-26939.
29 CVE-2022-26914 269 2022-04-15 2022-04-26
4.6
None Local Low Not required Partial Partial Partial
Win32k Elevation of Privilege Vulnerability.
30 CVE-2022-26912 269 2022-04-05 2022-04-12
5.1
None Remote High Not required Partial Partial Partial
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909.
31 CVE-2022-26909 269 2022-04-05 2022-04-12
5.1
None Remote High Not required Partial Partial Partial
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26912.
32 CVE-2022-26908 269 2022-04-05 2022-04-12
5.1
None Remote High Not required Partial Partial Partial
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26909, CVE-2022-26912.
33 CVE-2022-26900 269 2022-04-05 2022-04-12
5.1
None Remote High Not required Partial Partial Partial
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912.
34 CVE-2022-26895 269 2022-04-05 2022-04-12
5.1
None Remote High Not required Partial Partial Partial
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912.
35 CVE-2022-26894 269 2022-04-05 2022-04-12
5.1
None Remote High Not required Partial Partial Partial
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912.
36 CVE-2022-26891 269 2022-04-05 2022-04-12
5.1
None Remote High Not required Partial Partial Partial
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912.
37 CVE-2022-26803 269 2022-04-15 2022-04-18
7.2
None Local Low Not required Complete Complete Complete
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802.
38 CVE-2022-26802 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26803.
39 CVE-2022-26801 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26802, CVE-2022-26803.
40 CVE-2022-26798 269 2022-04-15 2022-04-19
7.2
None Local Low Not required Complete Complete Complete
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
41 CVE-2022-26797 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
42 CVE-2022-26796 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
43 CVE-2022-26795 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
44 CVE-2022-26794 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
45 CVE-2022-26793 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
46 CVE-2022-26792 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
47 CVE-2022-26791 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
48 CVE-2022-26790 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
49 CVE-2022-26789 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
50 CVE-2022-26787 269 2022-04-15 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
Total number of vulnerabilities : 2361   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.