CWE-250 (带着不必要的权限执行) — Vulnerability Class 233

233 vulnerabilities classified as CWE-250 (带着不必要的权限执行). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-2240	Docker implementation in Brocade SANnav is missing Audit Rules. — Brocade SANnav	8.8	-	2025-02-14
CVE-2024-7102	Execution with Unnecessary Privileges in GitLab — GitLab	9.6	Critical	2025-02-13
CVE-2024-8266	Execution with Unnecessary Privileges in GitLab — GitLab	4.4	Medium	2025-02-13
CVE-2024-12673	Lenovo Vantage 安全漏洞 — Vantage	7.8	High	2025-02-12
CVE-2024-21924	AMD System Management Mode 安全漏洞 — AMD EPYC™ 7002 Processors	8.2	High	2025-02-11
CVE-2025-22890	Humming Heads Defense Platform 安全漏洞 — Defense Platform Home Edition	7.8	-	2025-02-06
CVE-2024-49814	IBM Security Verify Access Appliance Privilege Escalation — Security Verify Access Appliance	7.8	High	2025-02-06
CVE-2025-20185	Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability — Cisco Secure Email	3.4	Low	2025-02-05
CVE-2023-37412	IBM Aspera Faspex improper access control — Aspera Faspex	4.4	Medium	2025-01-29
CVE-2025-24814	Apache Solr: Core-creation with "trusted" configset can use arbitrary untrusted files — Apache Solr	9.8	-	2025-01-27
CVE-2024-47978	Dell NativeEdge 安全漏洞 — NativeEdge	7.8	High	2024-12-25
CVE-2024-35141	IBM Security Verify Access privilege escalation — Security Verify Access Docker	7.8	High	2024-12-19
CVE-2024-31891	IBM Storage Scale privilege escalation — Storage Scale	7.8	High	2024-12-14
CVE-2024-28140	Violation of Least Privilege Principle — Scan2Net	9.8	-	2024-12-11
CVE-2024-28139	Privilege escalation through sudo misconfiguration — Scan2Net	7.8	-	2024-12-11
CVE-2024-49804	IBM Security Verify Access Appliance privilege escalation — Security Verify Access	7.8	High	2024-11-29
CVE-2021-38118	Possible Local Privilege Escalation Vulnerability in OpenText iManager — iManager	5.5	Medium	2024-11-22
CVE-2024-52799	Argo Workflows Chart: Excessive Privileges in Workflow Role — argo-helm	8.3	High	2024-11-21
CVE-2024-11075	SICK Incoming Goods Suite privilege escalation vulnerability — SICK Incoming Goods Suite	8.8	High	2024-11-19
CVE-2020-26074	Cisco SD-WAN vManage Privilege Escalation Vulnerability — Cisco Catalyst SD-WAN Manager	7.8	High	2024-11-18
CVE-2024-8781	Container Escape Vulnerability in TR7's Application Security Platform (ASP) — Application Security Platform (ASP)	7.8^AI	High^AI	2024-11-18
CVE-2024-51722	Vulnerabilities in SecuSUITE Server Components Impact SecuSUITE — SecuSUITE	6.4	Medium	2024-11-12
CVE-2024-48837	Dell SmartFabric OS10 安全漏洞 — SmartFabric OS10 Software	7.8	High	2024-11-12
CVE-2024-47903	Siemens InterMesh 7177和Siemens InterMesh 7707 安全漏洞 — InterMesh 7177 Hybrid 2.0 Subscriber	5.8	Medium	2024-10-23
CVE-2024-20420	Cisco ATA 190 Series Analog Telephone Adapter Firmware Privilege Escalation Vulnerability — Cisco Analog Telephone Adaptor (ATA) Software	5.4	Medium	2024-10-16
CVE-2024-9473	GlobalProtect App: Local Privilege Escalation (PE) Vulnerability — GlobalProtect App	7.8^AI	High^AI	2024-10-09
CVE-2024-43583	Winlogon Elevation of Privilege Vulnerability — Windows 10 Version 1809	7.8	High	2024-10-08
CVE-2024-8903	Acronis Cyber Protect Cloud Agent 安全漏洞 — Acronis Cyber Protect Cloud Agent	7.8^AI	High^AI	2024-09-23
CVE-2024-8767	Acronis多款产品安全漏洞 — Acronis Backup plugin for cPanel & WHM	8.8	-	2024-09-17
CVE-2024-7387	Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy	9.1	Critical	2024-09-16

Vulnerabilities classified as CWE-250 (带着不必要的权限执行) represent 233 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-250 (带着不必要的权限执行) — Vulnerability Class 233