Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2021-11-23 CVE-2021-35052 Improper Privilege Management vulnerability in Kaspersky Password Manager 9.0.2
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High.
local
low complexity
kaspersky CWE-269
4.6
2021-11-23 CVE-2021-39976 Improper Privilege Management vulnerability in Huawei Cloudengine 5800 Firmware V200R020C00Spc600
There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600.
local
low complexity
huawei CWE-269
7.2
2021-11-21 CVE-2021-28710 Improper Privilege Management vulnerability in XEN 4.15.0
certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures (page tables) may (and, on suitable hardware, by default will) be shared between CPUs, for second-level translation (EPT), and IOMMUs.
local
xen CWE-269
6.9
2021-11-20 CVE-2021-36307 Improper Privilege Management vulnerability in Dell Networking Os10
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability.
network
dell CWE-269
8.5
2021-11-19 CVE-2021-22966 Improper Privilege Management vulnerability in Concretecms Concrete CMS
Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below.
network
low complexity
concretecms CWE-269
6.5
2021-11-19 CVE-2021-44038 Improper Privilege Management vulnerability in Quagga
An issue was discovered in Quagga through 1.2.4.
local
low complexity
quagga CWE-269
7.2
2021-11-18 CVE-2021-23193 Improper Privilege Management vulnerability in Gallagher Command Centre
Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server.
network
low complexity
gallagher CWE-269
4.0
2021-11-18 CVE-2021-0655 Improper Privilege Management vulnerability in Google Android 10.0/11.0
In mdlactl driver, there is a possible memory corruption due to an incorrect bounds check.
local
low complexity
google CWE-269
4.6
2021-11-17 CVE-2021-0146 Improper Privilege Management vulnerability in Intel products
Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
local
low complexity
intel CWE-269
4.6
2021-11-17 CVE-2021-0157 Improper Privilege Management vulnerability in Intel products
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-269
4.6