Description
The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.
CVE vulnerabilities with CWE-270 (26)
9.9
CVSS
CRITICAL
CVE-2023-37912
pub. 2023-10-25
9.9
CVSS
CRITICAL
CVE-2023-26475
pub. 2023-03-02
9.8
CVSS
CRITICAL
CVE-2023-25754
pub. 2023-05-08
9.4
CVSS
CRITICAL
CVE-2026-9560
pub. 2026-05-26
9.3
CVSS
CRITICAL
CVE-2024-11263
pub. 2024-11-15
8.8
CVSS
HIGH
CVE-2021-3493
pub. 2021-04-17🚩 CISA KEV⚡ EXPLOIT
8.8
CVSS
HIGH
CVE-2019-14819
pub. 2020-01-07
8.7
CVSS
HIGH
CVE-2025-49581
pub. 2025-06-13
8.2
CVSS
HIGH
CVE-2024-36513
pub. 2024-11-12
8.2
CVSS
HIGH
CVE-2017-2663
pub. 2018-07-27
8.1
CVSS
HIGH
CVE-2025-9408
pub. 2025-11-11
7.9
CVSS
HIGH
CVE-2024-46975
pub. 2025-02-22
7.8
CVSS
HIGH
CVE-2025-60721
pub. 2025-11-11
7.7
CVSS
HIGH
CVE-2026-34853
pub. 2026-04-13
6.7
CVSS
MEDIUM
CVE-2024-12570
pub. 2024-12-12
6.7
CVSS
MEDIUM
CVE-2024-8641
pub. 2024-09-12
6.5
CVSS
MEDIUM
CVE-2020-7019
pub. 2020-08-18
6.0
CVSS
MEDIUM
CVE-2025-26499
pub. 2025-09-11
5.6
CVSS
MEDIUM
CVE-2025-46406
pub. 2025-07-10
5.5
CVSS
MEDIUM
CVE-2024-47173
pub. 2024-10-24
Showing 20 of 26 vulnerabilities