Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-13776 | Improper Privilege Management vulnerability in multiple products systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. | 6.7 |
| 2020-06-01 | CVE-2020-13695 | Improper Privilege Management vulnerability in Quickbox In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/*.db or /etc/shadow file. | 9.0 |
| 2020-05-29 | CVE-2020-4352 | Improper Privilege Management vulnerability in IBM MQ for HPE Nonstop 8.0.4/8.1.0 IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. | 4.4 |
| 2020-05-27 | CVE-2020-10936 | Improper Privilege Management vulnerability in multiple products Sympa before 6.2.56 allows privilege escalation. | 7.8 |
| 2020-05-26 | CVE-2020-9046 | Improper Privilege Management vulnerability in Johnsoncontrols Kantech Entrapass 8.22 A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. | 7.2 |
| 2020-05-26 | CVE-2020-3812 | Improper Privilege Management vulnerability in multiple products qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. | 2.1 |
| 2020-05-21 | CVE-2020-1195 | Improper Privilege Management vulnerability in Microsoft Edge An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'. | 4.3 |
| 2020-05-21 | CVE-2020-1191 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. | 4.6 |
| 2020-05-21 | CVE-2020-1190 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. | 4.6 |
| 2020-05-21 | CVE-2020-1189 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. | 4.6 |