Vulnerabilities > Improper Check for Dropped Privileges

DATE CVE VULNERABILITY TITLE RISK
2024-11-17 CVE-2023-0657 A flaw was found in Keycloak.
high complexity
CWE-273
3.4
2024-09-17 CVE-2024-38813 Improper Check for Dropped Privileges vulnerability in VMWare Vcenter Server 7.0/8.0
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.
network
low complexity
vmware CWE-273
critical
9.8
2024-01-05 CVE-2023-34322 Improper Check for Dropped Privileges vulnerability in XEN
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode.
local
low complexity
xen CWE-273
7.8
2023-10-05 CVE-2023-26239 Improper Check for Dropped Privileges vulnerability in Watchguard products
An issue was discovered in WatchGuard EPDR 8.0.21.0002.
local
low complexity
watchguard CWE-273
5.5
2023-10-04 CVE-2023-5369 Improper Check for Dropped Privileges vulnerability in Freebsd 13.2
Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively.
local
low complexity
freebsd CWE-273
7.1
2022-08-29 CVE-2022-0358 Improper Check for Dropped Privileges vulnerability in multiple products
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation.
local
low complexity
qemu redhat CWE-273
7.8
2022-07-06 CVE-2021-37839 Improper Check for Dropped Privileges vulnerability in Apache Superset
Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on.
network
low complexity
apache CWE-273
4.3
2022-04-29 CVE-2021-3982 Improper Check for Dropped Privileges vulnerability in Gnome Gnome-Shell
Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue.
local
low complexity
gnome CWE-273
5.5
2020-08-16 CVE-2020-24361 Improper Check for Dropped Privileges vulnerability in multiple products
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec.
network
low complexity
snmptt debian CWE-273
critical
9.8
2020-07-13 CVE-2020-14300 Improper Check for Dropped Privileges vulnerability in multiple products
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes.
local
low complexity
redhat docker CWE-273
8.8