Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-269 (特权管理不恰当) — Vulnerability Class 992

992 vulnerabilities classified as CWE-269 (特权管理不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-13787 ZenTao File control.php delete privileges management — ZenTao 5.4 Medium2025-11-30
CVE-2025-59790 Apache Kvrocks: RESET command grants admin privileges — Apache Kvrocks 8.8 -2025-11-28
CVE-2025-13540 Tiare Membership <= 1.2 - Unauthenticated Privilege Escalation — Tiare Membership 9.8 Critical2025-11-27
CVE-2025-13680 Tiger <= 101.2.1 - Authenticated (Subscriber+) Privilege Escalation — Tiger 8.8 High2025-11-27
CVE-2025-13675 Tiger <= 101.2.1 - Unauthenticated Privilege Escalation — Tiger 9.8 Critical2025-11-27
CVE-2025-13538 FindAll Listing <= 1.0.5 - Unauthenticated Privilege Escalation — FindAll Listing 9.8 Critical2025-11-27
CVE-2025-66314 ZTE ElasticNet UME R32 安全漏洞 — ElasticNet UME R32 7.5 High2025-11-27
CVE-2025-66266 Insecure SYSTEM Service Permissions in UPSilon2000V6.0 (RupsMon.exe) leading to trivial Local Privilege Escalation — UPSilon2000V6.0 7.8AIHighAI2025-11-26
CVE-2025-66265 Insecure permissions in configuration directory (C:\\usr) — ClientMate 7.8AIHighAI2025-11-26
CVE-2025-33188 NVIDIA DGX Spark 安全漏洞 — DGX Spark 8.0 High2025-11-25
CVE-2025-33187 NVIDIA DGX Spark 安全漏洞 — DGX Spark 9.3 Critical2025-11-25
CVE-2025-13559 EduKart Pro <= 1.0.3 - Unauthenticated Privilege Escalation — EduKart Pro 9.8 Critical2025-11-25
CVE-2025-54821 Fortinet多款产品 安全漏洞 — FortiProxy 1.8 Low2025-11-18
CVE-2025-40548 SolarWinds Serv-U Broken Access Control - Remote Code Execution Vulnerability — Serv-U 9.1 Critical2025-11-18
CVE-2025-20346 Cisco Catalyst Center Privilege Escalation Vulnerability — Cisco Digital Network Architecture Center (DNA Center) 4.3 Medium2025-11-13
CVE-2025-11923 LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes - Various Versions - Authenticated (Student+) Privilege Escalation — LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes 8.8 High2025-11-13
CVE-2025-59514 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability — Windows 10 Version 1607 7.8 High2025-11-11
CVE-2025-11457 EasyCommerce – AI-Powered, Blazing-Fast & Beautiful WordPress Ecommerce Plugin 0.9.0-beta2 - 1.8.2 - Unauthenticated Privilege Escalation — EasyCommerce – AI-Powered WordPress Ecommerce Plugin to Sell Digital Products, Subscriptions & Physical Goods 9.8 Critical2025-11-11
CVE-2025-11168 Mementor Core <= 2.2.5 - Authenticated (Subscriber+) Privilege Escalation — Mementor Core 8.8 High2025-11-11
CVE-2025-64507 Incus vulnerable to local privilege escalation through custom storage volumes — incus 8.8 -2025-11-10
CVE-2025-12405 Unauthorized access through stored credentials in Looker Studio — Looker Studio 8.8 -2025-11-10
CVE-2025-64489 SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass — SuiteCRM 8.3 High2025-11-08
CVE-2025-64436 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes — kubevirt 9.6 -2025-11-07
CVE-2025-12485 Devolutions Server 安全漏洞 — Server 8.1 -2025-11-06
CVE-2025-46364 Dell CloudLink 安全漏洞 — CloudLin 9.1 Critical2025-11-05
CVE-2025-12683 NULL DACL assigned to Named Pipe communicating with SYSTEM Service — Everything 7.8AIHighAI2025-11-04
CVE-2024-13997 Nagios XI < 2024R1.1.3 Privilege Escalation via Migrate Server Feature to Root on Host — XI 7.2AIHighAI2025-11-03
CVE-2025-8900 Doccure Core < 1.5.4 - Unauthenticated Privilege Escalation — Doccure Core 9.8 Critical2025-11-03
CVE-2025-8489 King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor 24.12.92 - 51.1.14 - Unauthenticated Privilege Escalation — King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor 9.8 Critical2025-10-31
CVE-2024-14009 Nagios XI < 2024R1.0.1 Privilege Escalation via System Profile — XI 7.2AIHighAI2025-10-30

Vulnerabilities classified as CWE-269 (特权管理不恰当) represent 992 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.