Vulnerabilities > Improper Privilege Management

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-06-21 | CVE-2024-6240 | Improper Privilege Management vulnerability in Parallels Desktop | Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. | network | low complexity | parallels | CWE-269 | critical 10.0 |
| 2024-06-20 | CVE-2024-4390 | Improper Privilege Management vulnerability in Depicter | The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. | network | low complexity | depicter | CWE-269 | 6.5 |
| 2024-06-12 | CVE-2024-5759 | Improper Privilege Management vulnerability in Tenable Security Center | An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required privileges. | network | low complexity | tenable | CWE-269 | 6.3 |
| 2024-06-04 | CVE-2024-29975 | | ** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated local attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device. | local | low complexity | | CWE-269 | 6.7 |
| 2024-06-04 | CVE-2024-29976 | | ** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device. | network | low complexity | | CWE-269 | 6.5 |
| 2024-04-09 | CVE-2024-29052 | Improper Privilege Management vulnerability in Microsoft products | Windows Storage Elevation of Privilege Vulnerability | local | low complexity | microsoft | CWE-269 | 7.8 |
| 2024-04-05 | CVE-2023-6522 | | Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users. This issue affects Extreme XDS: before 3914. | network | low complexity | | CWE-269 | 7.2 |
| 2024-03-21 | CVE-2023-47715 | Improper Privilege Management vulnerability in IBM Storage Protect Plus | IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with read-only permissions to add or delete entries from an existing HyperVisor configuration. | network | low complexity | ibm | CWE-269 | 4.3 |
| 2024-02-15 | CVE-2023-4993 | | Improper Privilege Management vulnerability in Utarit Information Technologies SoliPay Mobile App allows Collect Data as Provided by Users. This issue affects SoliPay Mobile App: before 5.0.8. | network | low complexity | | CWE-269 | 7.5 |
| 2024-02-10 | CVE-2023-50957 | Improper Privilege Management vulnerability in IBM Storage Defender Resiliency Service 2.0 | IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. | network | low complexity | ibm | CWE-269 | 7.2 |