2024-11-18 | CVE-2020-26063 | A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system without authorization. The vulnerability is due to improper authorization checks on API endpoints. | 5.4 |
2024-11-16 | CVE-2024-9192 | The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to privilege escalation due to insufficient validation on user meta that can be updated in the wpvr_rate_request_result() function in all versions up to, and including, 1.20.0. | 8.8 |
2024-08-28 | CVE-2024-4555 | Improper Privilege Management vulnerability in Microfocus Netiq Access Manager 5.0.2. Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in a specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1. | 7.5 |
2024-06-21 | CVE-2024-6240 | Improper Privilege Management vulnerability in Parallels Desktop. Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. | 10.0 |
2024-06-20 | CVE-2024-4390 | Improper Privilege Management vulnerability in Depicter. The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. | 6.5 |
2024-06-13 | CVE-2024-32918 | Improper Privilege Management vulnerability in Google Android. Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps. | 6.1 |
2024-06-12 | CVE-2024-5909 | Improper Privilege Management vulnerability in Paloaltonetworks Cortex XDR Agent. A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. | 5.5 |
2024-06-12 | CVE-2024-5759 | Improper Privilege Management vulnerability in Tenable Security Center. An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required privileges. | 6.3 |
2024-06-04 | CVE-2024-29975 | ** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated local attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device. | 6.7 |
2024-06-04 | CVE-2024-29976 | ** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device. | 6.5 |