| 4833 | CVE-2017-13253: Buffer overflow in multiple Android DRM services |
Memory corruption
Local Privilege Escalation |
Google |
Tamir Zahavi-Brunner (@tamir_zb) |
Bug Bounty | 2018-03-15 | 2023-06-13 |
| 3740 | Admin capabilities around your ears |
Local Privilege Escalation |
Poly (Plantronics) |
Markus Krell (@MarkusKrell) |
Bug Bounty | 2020-01-02 | 2023-06-13 |
| 3470 | CVE-2020–1088 — Yet another arbitrary delete EoP |
Local Privilege Escalation
Windows |
Microsoft |
Søren Fritzbøger (@fritzboger) |
Bug Bounty | 2020-05-18 | 2023-06-13 |
| 3422 | Three Privilege Escalation Bugs in Google Cloud Platform’s OS Login |
Local Privilege Escalation
Cloud |
Google |
initstring (@init_string) |
Bug Bounty | 2020-06-04 | 2023-06-13 |
| 3411 | Local Privilege Escalation Discovered in VMware Fusion |
Local Privilege Escalation
MacOS |
VMware |
Rich Mirch (@0xm1rch) |
Bug Bounty | 2020-06-09 | 2023-06-13 |
| 3277 | CVE-2020–9934: Bypassing the macOS Transparency, Consent, and Control (TCC) Framework for unauthorized access to sensitive user data |
MacOS
Local Privilege Escalation
Authorization flaw |
Apple |
Matt Shockley (@mattshockl) |
Bug Bounty | 2020-07-27 | 2023-06-13 |
| 3259 | CVE-2020–9854: "Unauthd" - (three) logic bugs ftw! |
Local Privilege Escalation
Logic flaw |
Apple |
Ilias Morad (@A2nkF_) |
Bug Bounty | 2020-08-01 | 2023-06-13 |
| 3256 | CVE-2020–9854: "Unauthd" |
MacOS
Local Privilege Escalation
SIP bypass |
Apple (macOS) |
Ilias Morad (@A2nkF_) |
Bug Bounty | 2020-08-01 | 2023-06-13 |
| 3250 | Amazon AWS Bastion - Logger Bypass |
Logging bypass
Local Privilege Escalation |
AWS |
Denis Andzakovic |
Bug Bounty | 2020-08-03 | 2023-06-13 |
| 3207 | Windows AppX Deployment Service Local Privilege Escalation (CVE-2020-1488 |
Local Privilege Escalation |
Microsoft |
ACTIVELabs |
Bug Bounty | 2020-08-18 | 2023-06-13 |
| 3168 | CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze |
RCE
Local Privilege Escalation |
Backblaze |
Jason Geffner (@JasonGeffner) |
Bug Bounty | 2020-09-09 | 2023-06-13 |
| 3155 | Dropbox Escalation of Privileges to SYSTEM on Windows |
Local Privilege Escalation |
Dropbox |
Teresa Alberto |
Bug Bounty | 2020-09-17 | 2023-06-13 |
| 3142 | suPHP - The vulnerable ghost in your shell |
Local Privilege Escalation |
NA |
Maxime (@punkeel) |
Bug Bounty | 2020-09-21 | 2023-06-13 |
| 3115 | 90 days, 16 bugs, and an Azure Sphere Challenge |
Local privilege escalation
RCE
DoS
Information disclosure |
Microsoft |
Cisco Talos |
Bug Bounty | 2020-10-06 | 2023-06-13 |
| 3114 | Our Experiences Participating in Microsoft’s Azure Sphere Bounty Program |
Local privilege escalation
RCE
Security Feature bypass |
Microsoft |
McAfee Advanced Threat Research (ATR) |
Bug Bounty | 2020-10-06 | 2023-06-13 |
| 3100 | Guest Blog Post: Rollback Attack |
Local Privilege Escalation |
Mozilla |
Xiaoyin Liu (@general_nfs) |
Bug Bounty | 2020-10-12 | 2023-06-13 |
| 3095 | MS Enterprise app management service RCE. CVE-2022-35841 |
RCE
Local Privilege Escalation
Windows |
Microsoft |
Ceri Coburn (@_ethicalchaos_) |
Bug Bounty | 2020-10-13 | 2023-06-13 |
| 3041 | Local Privilege Escalation Vulnerability Discovered in VMware Fusion |
Local Privilege Escalation |
VMware |
Rich Mirch (@0xm1rch) |
Bug Bounty | 2020-11-11 | 2023-06-13 |
| 3030 | SD-PWN Part 2 — Citrix SD-WAN Center — Another Network Takeover |
RCE
Authentication bypass
Path traversal
OS command injection
Local Privilege Escalation |
Citrix Systems |
Realmode Labs (@RealmodeLabs) |
Bug Bounty | 2020-11-15 | 2023-06-13 |
| 3007 | SD-PWN — Part 3 — Cisco vManage — Another Day, Another Network Takeover |
RCE
SSRF
Arbitrary file write
Path traversal
OS command injection
Local Privilege Escalation |
Cisco |
Realmode Labs (@RealmodeLabs) |
Bug Bounty | 2020-11-23 | 2023-06-13 |
| 2912 | A %27Novel%27 Way to Bypass Executable Signature Checks with Electron |
Local Privilege Escalation |
NA |
Parsia Hackerman (@cryptogangsta) |
Bug Bounty | 2021-01-08 | 2023-06-13 |
| 2893 | BitLocker Lockscreen bypass |
Lock screen bypass
Local Privilege Escalation
Windows |
Microsoft |
Jonas L (@jonasLyk) |
Bug Bounty | 2021-01-15 | 2023-06-13 |
| 2841 | CVE-2020-9759 - Getting root on webOS |
Local Privilege Escalation
Browser hacking |
LG |
Andreas Lindh (@addelindh) |
Bug Bounty | 2021-02-03 | 2023-06-13 |
| 2733 | Partially disable Cybereason EDR as low privileges user on Windows |
EDR bypass
Local Privilege Escalation |
Cybereason |
Mehdi Alouache |
Bug Bounty | 2022-10-28 | 2023-06-13 |
| 2674 | Who Contains the Containers? |
Local Privilege Escalation |
Microsoft |
James Forshaw (@tiraniddo) |
Bug Bounty | 2021-04-01 | 2023-06-13 |
