Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-22 | CVE-2024-11218 | A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. | 8.6 |
| 2025-01-15 | CVE-2024-9636 | The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in versions 2.2.85 to 2.3.3. | 9.8 |
| 2024-12-19 | CVE-2020-15934 | Improper Privilege Management vulnerability in Fortinet Forticlient An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. | 7.8 |
| 2024-12-14 | CVE-2024-11721 | The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5. | 8.1 |
| 2024-08-28 | CVE-2024-4555 | Improper Privilege Management vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1 | 7.5 |
| 2024-06-13 | CVE-2024-32918 | Improper Privilege Management vulnerability in Google Android Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps | 6.1 |
| 2024-06-12 | CVE-2024-5909 | Improper Privilege Management vulnerability in Paloaltonetworks Cortex XDR Agent A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. | 5.5 |
| 2024-06-12 | CVE-2024-5759 | Improper Privilege Management vulnerability in Tenable Security Center 6.3.0 An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required privileges | 6.3 |
| 2024-04-25 | CVE-2024-28241 | Improper Privilege Management vulnerability in Glpi-Project Glpi Agent The GLPI Agent is a generic management agent. | 7.8 |
| 2024-03-06 | CVE-2023-38944 | Improper Privilege Management vulnerability in Multilaser Re160V Firmware and Re163V Firmware An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01.10_pt allows attackers to bypass the access control and gain complete access to the application via modifying a HTTP header. | 9.8 |