Vulnerabilities > Improper Privilege Management

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-10-11 | CVE-2017-5722 | Improper Privilege Management vulnerability in Intel products | Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enforcement of integrity protections via manipulation of firmware storage. | local | high | intel | CWE-269 | 7.5 |
| 2017-10-10 | CVE-2017-13721 | Improper Privilege Management vulnerability in multiple products | In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session. | local | high | x-org, debian | CWE-269 | 4.7 |
| 2017-10-05 | CVE-2017-12728 | Improper Privilege Management vulnerability in Spidercontrol Scada Webserver 2.02.0007 | An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. | local | low | spidercontrol | CWE-269 | 7.8 |
| 2017-10-05 | CVE-2017-1000104 | Improper Privilege Management vulnerability in Jenkins Config File Provider | The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. | network | low | jenkins | CWE-269 | 6.5 |
| 2017-09-30 | CVE-2017-14349 | Improper Privilege Management vulnerability in HP Sitescope | An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data. | network | low | hp | CWE-269 | 9.8 (critical) |
| 2017-09-29 | CVE-2017-8448 | Improper Privilege Management vulnerability in Elastic X-Pack | An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges. | network | low | elastic | CWE-269 | 8.8 |
| 2017-09-29 | CVE-2017-8447 | Improper Privilege Management vulnerability in Elastic X-Pack | An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. | network | low | elastic | CWE-269 | 6.5 |
| 2017-09-21 | CVE-2017-9724 | Improper Privilege Management vulnerability in Google Android | In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address. | local | low | google | CWE-269 | 7.8 |
| 2017-09-15 | CVE-2017-14484 | Improper Privilege Management vulnerability in Gentoo Sci-Mathematics-Gimps 28.10 | The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed. | local | low | gentoo | CWE-269 | 7.3 |
| 2017-09-13 | CVE-2017-14124 | Improper Privilege Management vulnerability in Unicon-Software RP | In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when classic desktop mode is used, it is possible to start applications other than defined, even if the user does not have permissions to change application definitions. | local | high | unicon-software | CWE-269 | 6.3 |