Vulnerabilities > Improper Check for Dropped Privileges
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-17 | CVE-2023-0657 | A flaw was found in Keycloak. high complexity CWE-273 | 3.4 |
| 2024-09-17 | CVE-2024-38813 | Improper Check for Dropped Privileges vulnerability in VMWare Vcenter Server 7.0/8.0 The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. | 9.8 |
| 2024-01-05 | CVE-2023-34322 | Improper Check for Dropped Privileges vulnerability in XEN For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. | 7.8 |
| 2023-10-05 | CVE-2023-26239 | Improper Check for Dropped Privileges vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 5.5 |
| 2023-10-04 | CVE-2023-5369 | Improper Check for Dropped Privileges vulnerability in Freebsd 13.2 Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. | 7.1 |
| 2022-08-29 | CVE-2022-0358 | Improper Check for Dropped Privileges vulnerability in multiple products A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. | 7.8 |
| 2022-07-06 | CVE-2021-37839 | Improper Check for Dropped Privileges vulnerability in Apache Superset Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. | 4.0 |
| 2022-04-29 | CVE-2021-3982 | Improper Check for Dropped Privileges vulnerability in Gnome Gnome-Shell Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. | 5.5 |
| 2021-11-19 | CVE-2021-36372 | Improper Check for Dropped Privileges vulnerability in Apache Ozone In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. | 9.8 |
| 2020-08-16 | CVE-2020-24361 | Improper Check for Dropped Privileges vulnerability in multiple products SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec. | 9.8 |