Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-10 | CVE-2023-29256 | Improper Privilege Management vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features are used. | 6.5 |
| 2023-07-06 | CVE-2023-30642 | Improper Privilege Management vulnerability in Samsung Android 12.0/13.0 Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function. | 5.5 |
| 2023-07-04 | CVE-2023-25521 | Improper Privilege Management vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. | 7.8 |
| 2023-06-28 | CVE-2023-20136 | Improper Privilege Management vulnerability in Cisco Secure Workload A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. | 6.5 |
| 2023-06-26 | CVE-2023-34146 | Improper Privilege Management vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34147 and CVE-2023-34148. | 7.8 |
| 2023-06-26 | CVE-2023-34147 | Improper Privilege Management vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34148. | 7.8 |
| 2023-06-26 | CVE-2023-34148 | Improper Privilege Management vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34147. | 7.8 |
| 2023-06-16 | CVE-2023-25185 | Improper Privilege Management vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 7.8 |
| 2023-06-16 | CVE-2023-25188 | Improper Privilege Management vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 7.8 |
| 2023-06-15 | CVE-2023-2847 | Improper Privilege Management vulnerability in Eset Cyber Security, Endpoint Antivirus and Server Security During internal security analysis, a local privilege escalation vulnerability has been identified. | 7.8 |