Vulnerabilities > Improper Check for Dropped Privileges

DATE CVE VULNERABILITY TITLE RISK
2020-02-24 CVE-2019-20044 Improper Check for Dropped Privileges vulnerability in multiple products
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option.
local
low complexity
zsh fedoraproject debian apple CWE-273
7.8
2020-01-07 CVE-2019-14879 Improper Check for Dropped Privileges vulnerability in Moodle
A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9.
network
low complexity
moodle CWE-273
5.5
2019-11-28 CVE-2019-18276 Improper Check for Dropped Privileges vulnerability in multiple products
An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11.
local
low complexity
gnu netapp oracle CWE-273
7.8
2019-11-19 CVE-2011-3350 Improper Check for Dropped Privileges vulnerability in Marmaro Masqmail 0.2.21/0.2.30
masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c, which results in improper privilege dropping.
network
low complexity
marmaro CWE-273
7.5
2019-11-19 CVE-2011-2921 Improper Check for Dropped Privileges vulnerability in Ktsuss Project Ktsuss 1.3/1.4
ktsuss versions 1.4 and prior have the uid set to root and do not drop privileges prior to executing user-specified commands, which can result in command execution with root privileges.
network
low complexity
ktsuss-project CWE-273
critical
10.0
2019-10-29 CVE-2012-1187 Improper Check for Dropped Privileges vulnerability in Bitlbee 3.0.4
Bitlbee does not drop extra group privileges correctly in unix.c.
network
low complexity
bitlbee CWE-273
7.5
2018-12-12 CVE-2018-8599 Improper Check for Dropped Privileges vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability." This affects Microsoft Visual Studio, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-273
4.6
2018-10-30 CVE-2018-16466 Improper Check for Dropped Privileges vulnerability in Nextcloud Server
Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 leads to not accepting access restrictions by access tokens.
network
low complexity
nextcloud CWE-273
5.5
2017-03-22 CVE-2017-6972 Improper Check for Dropped Privileges vulnerability in multiple products
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971.
network
low complexity
alienvault nfsen CWE-273
critical
10.0
2006-06-15 CVE-2006-2916 Improper Check for Dropped Privileges vulnerability in KDE Arts 1.0/1.2
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
local
low complexity
kde CWE-273
7.8