Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-26 | CVE-2023-34147 | Improper Privilege Management vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34148. | 7.8 |
2023-06-26 | CVE-2023-34148 | Improper Privilege Management vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34147. | 7.8 |
2023-06-16 | CVE-2023-25185 | Improper Privilege Management vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 7.8 |
2023-06-16 | CVE-2023-25188 | Improper Privilege Management vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 7.8 |
2023-06-15 | CVE-2023-2847 | Improper Privilege Management vulnerability in Eset Cyber Security, Endpoint Antivirus and Server Security During internal security analysis, a local privilege escalation vulnerability has been identified. | 7.8 |
2023-06-14 | CVE-2023-26062 | Improper Privilege Management vulnerability in Nokia web Element Manager 21B A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute administrative functions. | 7.8 |
2023-06-07 | CVE-2019-25151 | Improper Privilege Management vulnerability in Cartflows The Funnel Builder plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the activate_plugin function in versions up to, and including, 1.3.0. | 4.3 |
2023-06-06 | CVE-2023-2833 | Improper Privilege Management vulnerability in Wpdeveloper Reviewx The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rx_set_screen_options' function. | 8.8 |
2023-06-01 | CVE-2023-32713 | Improper Privilege Management vulnerability in Splunk APP for Stream In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user. | 9.9 |
2023-05-30 | CVE-2023-29734 | Improper Privilege Management vulnerability in MWM Edjing MIX 7.09.01 An issue found in edjing Mix v.7.09.01 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the database. | 9.8 |