| 1838 | How Docker Made Me More Capable and the Host Less Secure |
Local Privilege Escalation |
Microsoft |
Alon Zahavi (@Alon_Z4) |
Bug Bounty | 2022-02-08 | 2023-06-13 |
| 1837 | SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022-21999) |
Local Privilege Escalation |
Microsoft |
Olivier Lyak (@ly4k_) |
Bug Bounty | 2022-02-08 | 2023-06-13 |
| 1771 | webOS Revisited - Even More Mistaken Identities |
Local Privilege Escalation
Browser hacking |
LG |
Andreas Lindh (@addelindh) |
Bug Bounty | 2022-03-02 | 2023-06-13 |
| 1747 | CVE-2022-24696 – Glance By Mirametrix Privilege Escalation |
Local Privilege Escalation |
Lenovo |
Oddvar Moe (@Oddvarmoe) |
Bug Bounty | 2022-03-11 | 2023-06-13 |
| 1730 | CVE-2022-22616: Simple way to bypass GateKeeper, hidden for years |
Local Privilege Escalation
GateKeeper bypass
MacOS |
Apple |
Mickey Jin (@patch1t) |
Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1727 | Securing Developer Tools: Git Integrations |
Local Privilege Escalation |
Microsoft
JetBrains
GitHub |
Sonar (@SonarSource) |
Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1719 | Abusing Arbitrary File Deletes To Escalate Privilege And Other Great Tricks |
Local Privilege Escalation |
Microsoft (Windows) |
Abdelhamid Naceri |
Bug Bounty | 2022-03-17 | 2023-06-13 |
| 1709 | Targeting Visual Studio Code for macOS: File Discovery and a TCC bypass (kinda) |
Local Privilege Escalation
TCC bypass
MacoS |
Apple
Microsoft |
Alfie Champion (@ajpc500) |
Bug Bounty | 2022-03-21 | 2023-06-13 |
| 1688 | ABC-Code Execution for Veeam |
Local Privilege Escalation |
Veeam |
Sina Kheirkhah (@SinSinology) |
Bug Bounty | 2022-03-29 | 2023-06-13 |
| 1683 | Unauthenticated Remote Code Execution in Cisco Nexus Dashboard Fabric Controller (formerly DCNM) |
Insecure deserialization
Local Privilege Escalation
RCE |
Cisco |
Pedro Ribeiro (@pedrib1337) |
Bug Bounty | 2022-03-30 | 2023-06-13 |
| 1677 | Pwning a Cisco RV340 with a 4 bug chain exploit |
Local Privilege Escalation
OS command injection
RCE
Session management issue |
Cisco |
Liv (@terminatorLM) |
Bug Bounty | 2022-04-01 | 2023-06-13 |
| 1670 | How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables |
Memory corruption
Local Privilege Escalation |
Linux Kernel Organization |
David Bouman (@pqlqpql) |
Bug Bounty | 2022-04-02 | 2023-06-13 |
| 1664 | MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639 |
Local Privilege Escalation |
Apple |
Mickey Jin (@patch1t) |
Bug Bounty | 2022-04-04 | 2023-06-13 |
| 1635 | CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed) |
Local Privilege Escalation |
Microsoft |
Jacob Baines (@Junior_Baines) |
Bug Bounty | 2022-04-12 | 2023-06-13 |
| 1633 | CVE-2022-25165: Privilege Escalation to SYSTEM in AWS VPN Client |
Local Privilege Escalation |
AWS |
Rhino Security Labs (@RhinoSecurity) |
Bug Bounty | 2022-04-12 | 2023-06-13 |
| 1571 | Cloudflare Pages, part 1: The fellowship of the secret |
Command injection
Container escape
Bash Path injection
RCE
Local Privilege Escalation
Information disclosure |
Cloudflare |
Sean Yeoh (@seanyeoh) |
Bug Bounty | 2022-05-06 | 2023-06-13 |
| 1560 | Diving Into Pre-created Computer Accounts |
Active Directory
Local Privilege Escalation
Windows |
NA |
Oddvar Moe (@Oddvarmoe) |
Bug Bounty | 2022-05-10 | 2023-06-13 |
| 1526 | CVE-2022-22977: VMware Guest Authentication Service LPE (FIXED) |
Local Privilege Escalation |
VMware |
Jacob Baines (@Junior_Baines) |
Bug Bounty | 2022-05-24 | 2023-06-13 |
| 1489 | De-Anonymization attacks against Proton services |
Privacy issue
Information disclosure
HTML injection
Local Privilege Escalation |
Proton AG |
Ruben Santamarta (@reversemode) |
Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1475 | Yet another bug into Netfilter |
Memory corruption
Local Privilege Escalation |
Linux Kernel Organization |
Arthur Mongodin |
Bug Bounty | 2022-06-13 | 2023-06-13 |
| 1463 | [BugTales] UnZiploc: From 0-click To Platform Compromise |
Memory corruption
Logic flaw
RCE
Local Privilege Escalation |
Huawei |
Daniel Komaromy (@kutyacica) |
Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1460 | Amazon Linux "log4j hotpatch" <1.3-5 local privilege escalation to root (race condition) |
Local Privilege Escalation |
Amazon |
Justin Steven (@justinsteven) |
Bug Bounty | 2022-06-15 | 2023-06-13 |
| 1419 | FabricScape: Escaping Service Fabric and Taking Over the Cluster |
Container escape
Local Privilege Escalation
Cross-tenant vulnerability |
Microsoft |
Unit 42 (@Unit42_Intel) |
Bug Bounty | 2022-06-28 | 2023-06-13 |
| 1406 | Get root on macOS 12.3.1: proof-of-concepts for Linus Henze%27s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763) |
Signature validation bypass
Memory corruption
Local Privilege Escalation
MacOS |
Apple |
Zhuowei Zhang (@zhuowei) |
Bug Bounty | 2022-07-02 | 2023-06-13 |
| 1399 | Rediscovering Epic Games 0-Days (Forever Unpatched?) |
Local Privilege Escalation |
Epic Games |
Christopher Vella (@Kharosx0) |
Bug Bounty | 2022-07-06 | 2023-06-13 |
