Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2024-12-14 CVE-2024-11721 The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5.
network
high complexity
CWE-269
8.1
2024-11-26 CVE-2024-49035 An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
network
low complexity
CWE-269
8.7
2024-08-28 CVE-2024-4555 Improper Privilege Management vulnerability in Microfocus Netiq Access Manager 5.0.2
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1
network
low complexity
microfocus CWE-269
7.5
2024-06-13 CVE-2024-32918 Improper Privilege Management vulnerability in Google Android
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps
low complexity
google CWE-269
6.1
2024-06-12 CVE-2024-5909 Improper Privilege Management vulnerability in Paloaltonetworks Cortex XDR Agent
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent.
local
low complexity
paloaltonetworks CWE-269
5.5
2024-06-12 CVE-2024-5759 Improper Privilege Management vulnerability in Tenable Security Center 6.3.0
An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required privileges
network
low complexity
tenable CWE-269
6.3
2024-02-08 CVE-2024-22795 Improper Privilege Management vulnerability in Forescout Secureconnector 11.3.06.0063
Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component.
local
high complexity
forescout CWE-269
7.0
2024-02-08 CVE-2024-23764 Improper Privilege Management vulnerability in Withsecure products
Certain WithSecure products allow Local Privilege Escalation.
local
low complexity
withsecure CWE-269
6.7
2024-02-06 CVE-2024-22237 Improper Privilege Management vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.
local
low complexity
vmware CWE-269
7.8
2024-02-06 CVE-2024-22239 Improper Privilege Management vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.
local
low complexity
vmware CWE-269
7.8