Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-09 | CVE-2018-14894 | Improper Privilege Management vulnerability in Cyberark Endpoint Privilege Manager 10.2.1.603 CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications. | 7.8 |
| 2019-04-09 | CVE-2017-17544 | Improper Privilege Management vulnerability in Fortinet Fortios A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations. | 7.2 |
| 2019-04-08 | CVE-2019-10676 | Improper Privilege Management vulnerability in Uniqkey Password Manager 1.14 An issue was discovered in Uniqkey Password Manager 1.14. | 6.5 |
| 2019-04-03 | CVE-2018-4310 | Improper Privilege Management vulnerability in Apple mac OS X An access issue was addressed with additional sandbox restrictions. | 10.0 |
| 2019-03-28 | CVE-2019-1754 | Improper Privilege Management vulnerability in Cisco IOS XE A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. | 8.8 |
| 2019-03-27 | CVE-2018-19648 | Improper Privilege Management vulnerability in Adtran Pmaa 1.6.2/1.6.3 An issue was discovered in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4. | 8.8 |
| 2019-03-26 | CVE-2019-3849 | Improper Privilege Management vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. | 8.8 |
| 2019-03-25 | CVE-2018-16838 | Improper Privilege Management vulnerability in multiple products A flaw was found in sssd Group Policy Objects implementation. | 5.4 |
| 2019-03-21 | CVE-2019-5415 | Improper Privilege Management vulnerability in Zeit Serve 6.5.3 A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to. | 7.5 |
| 2019-03-21 | CVE-2018-11767 | Improper Privilege Management vulnerability in Apache Hadoop In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms. | 7.4 |