Vulnerabilities > Improper Check for Dropped Privileges

DATE CVE VULNERABILITY TITLE RISK
2024-01-05 CVE-2023-34322 Improper Check for Dropped Privileges vulnerability in XEN
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode.
local
low complexity
xen CWE-273
7.8
2023-10-05 CVE-2023-26239 Improper Check for Dropped Privileges vulnerability in Watchguard products
An issue was discovered in WatchGuard EPDR 8.0.21.0002.
local
low complexity
watchguard CWE-273
5.5
2023-10-04 CVE-2023-5369 Improper Check for Dropped Privileges vulnerability in Freebsd 13.2
Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively.
local
low complexity
freebsd CWE-273
7.1
2022-08-29 CVE-2022-0358 Improper Check for Dropped Privileges vulnerability in multiple products
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation.
local
low complexity
qemu redhat CWE-273
7.8
2022-07-06 CVE-2021-37839 Improper Check for Dropped Privileges vulnerability in Apache Superset
Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on.
network
low complexity
apache CWE-273
4.0
2022-04-29 CVE-2021-3982 Improper Check for Dropped Privileges vulnerability in Gnome Gnome-Shell
Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue.
local
low complexity
gnome CWE-273
5.5
2021-11-19 CVE-2021-36372 Improper Check for Dropped Privileges vulnerability in Apache Ozone
In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key.
network
low complexity
apache CWE-273
critical
9.8
2020-08-16 CVE-2020-24361 Improper Check for Dropped Privileges vulnerability in multiple products
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec.
network
low complexity
snmptt debian CWE-273
critical
9.8
2020-07-13 CVE-2020-14300 Improper Check for Dropped Privileges vulnerability in multiple products
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes.
local
low complexity
redhat docker CWE-273
8.8
2020-07-13 CVE-2020-14298 Improper Check for Dropped Privileges vulnerability in multiple products
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304.
local
low complexity
redhat docker CWE-273
8.8