1719 | Abusing Arbitrary File Deletes To Escalate Privilege And Other Great Tricks |
Local Privilege Escalation |
Microsoft (Windows) |
Abdelhamid Naceri |
Bug Bounty | 2022-03-17 | 2023-06-13 |
1709 | Targeting Visual Studio Code for macOS: File Discovery and a TCC bypass (kinda) |
Local Privilege Escalation
TCC bypass
macOS |
Apple
Microsoft |
Alfie Champion (@ajpc500) |
Bug Bounty | 2022-03-21 | 2023-06-13 |
1688 | ABC-Code Execution for Veeam |
Local Privilege Escalation |
Veeam |
Sina Kheirkhah (@SinSinology) |
Bug Bounty | 2022-03-29 | 2023-06-13 |
1683 | Unauthenticated Remote Code Execution in Cisco Nexus Dashboard Fabric Controller (formerly DCNM) |
Insecure deserialization
Local Privilege Escalation
RCE |
Cisco |
Pedro Ribeiro (@pedrib1337) |
Bug Bounty | 2022-03-30 | 2023-06-13 |
1677 | Pwning a Cisco RV340 with a 4 bug chain exploit |
Local Privilege Escalation
OS command injection
RCE
Session management issue |
Cisco |
Liv (@terminatorLM) |
Bug Bounty | 2022-04-01 | 2023-06-13 |
1670 | How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables |
Memory corruption
Local Privilege Escalation |
Linux Kernel Organization |
David Bouman (@pqlqpql) |
Bug Bounty | 2022-04-02 | 2023-06-13 |
1667 | Vulnerable GitHub Actions Workflows Part 1: Privilege Escalation Inside Your CI/CD Pipeline |
Privilege escalation
CI/CD |
GitHub |
Noam Dotan |
Bug Bounty | 2022-04-04 | 2023-06-13 |
1664 | MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639 |
Local Privilege Escalation |
Apple |
Mickey Jin (@patch1t) |
Bug Bounty | 2022-04-04 | 2023-06-13 |
1635 | CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed) |
Local Privilege Escalation |
Microsoft |
Jacob Baines (@Junior_Baines) |
Bug Bounty | 2022-04-12 | 2023-06-13 |
1633 | CVE-2022-25165: Privilege Escalation to SYSTEM in AWS VPN Client |
Local Privilege Escalation |
AWS |
Rhino Security Labs (@RhinoSecurity) |
Bug Bounty | 2022-04-12 | 2023-06-13 |
1625 | Abusing Azure Hybrid Workers for Privilege Escalation – Part 2: An Azure PrivSec Story |
Privilege escalation |
Microsoft |
Josh Magri (@passthehashbrwn) |
Bug Bounty | 2022-04-14 | 2023-06-13 |
1610 | AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation |
Privilege escalation
Container escape |
AWS |
Unit 42 (@Unit42_Intel) |
Bug Bounty | 2022-04-19 | 2023-06-13 |
1607 | Gaining Unlimited access to graph AuditLogs endpoint using complex filters with non-privileged user account |
Information disclosure
Privilege escalation |
Microsoft |
Joosua Santasalo (@SantasaloJoosua) |
Bug Bounty | 2022-04-21 | 2023-06-13 |
1595 | Azure Monitor – Malicious KQL Query |
Privilege escalation
Cloud |
Microsoft |
Joosua Santasalo (@SantasaloJoosua) |
Bug Bounty | 2022-04-27 | 2023-06-13 |
1591 | Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL |
Cross-tenant vulnerability
Privilege escalation
Authentication bypass
Cloud |
Microsoft |
Shir Tamari (@shirtamari) |
Bug Bounty | 2022-04-28 | 2023-06-13 |
1585 | Vulnerable GitHub Actions Workflows Part 2: Actions That Open the Door to CI/CD Pipeline Attacks |
Privilege escalation
CI/CD |
NA |
Noam Dotan |
Bug Bounty | 2022-05-02 | 2023-06-13 |
1571 | Cloudflare Pages, part 1: The fellowship of the secret |
Command injection
Container escape
Bash Path injection
RCE
Local Privilege Escalation
Information disclosure |
Cloudflare |
Sean Yeoh (@seanyeoh) |
Bug Bounty | 2022-05-06 | 2023-06-13 |
1561 | Certifried: Active Directory Domain Privilege Escalation (CVE-2022-26923) |
Active Directory Privilege Escalation |
Microsoft |
Oliver Lyak (@ly4k_) |
Bug Bounty | 2022-05-10 | 2023-06-13 |
1560 | Diving Into Pre-created Computer Accounts |
Active Directory
Local Privilege Escalation
Windows |
NA |
Oddvar Moe (@Oddvarmoe) |
Bug Bounty | 2022-05-10 | 2023-06-13 |
1548 | Kubernetes Privilege Escalation: Excessive Permissions in Popular Platforms |
Privilege escalation
Broken Access Control
Kubernetes |
Google
AWS
Microsoft
Red Hat |
Yuval Avrahami (@yuval_avrahami) |
Bug Bounty | 2022-05-17 | 2023-06-13 |
1536 | I Obtained ADMIN access via the Account Activation link [In 30 seconds] |
Privilege escalation
Amazon Cognito misconfiguration |
NA |
popalltheshells |
Bug Bounty | 2022-05-20 | 2023-06-13 |
1526 | CVE-2022-22977: VMware Guest Authentication Service LPE (FIXED) |
Local Privilege Escalation |
VMware |
Jacob Baines (@Junior_Baines) |
Bug Bounty | 2022-05-24 | 2023-06-13 |
1489 | De-Anonymization attacks against Proton services |
Privacy issue
Information disclosure
HTML injection
Local Privilege Escalation |
Proton AG |
Ruben Santamarta (@reversemode) |
Bug Bounty | 2022-06-08 | 2023-06-13 |
1475 | Yet another bug into Netfilter |
Memory corruption
Local Privilege Escalation |
Linux Kernel Organization |
Arthur Mongodin |
Bug Bounty | 2022-06-13 | 2023-06-13 |
1474 | Microsoft Azure Synapse Pwnalytics |
Privilege escalation
Cloud |
Microsoft |
Jimi Sebree (@DinoBytes) |
Bug Bounty | 2022-06-13 | 2023-06-13 |