Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2023-41743 | Improper Privilege Management vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office Local privilege escalation due to insecure driver communication port permissions. | 7.8 |
| 2023-08-31 | CVE-2022-45451 | Improper Privilege Management vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office Local privilege escalation due to insecure driver communication port permissions. | 7.8 |
| 2023-08-30 | CVE-2023-20266 | Improper Privilege Management vulnerability in Cisco products A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. | 7.2 |
| 2023-08-29 | CVE-2023-32457 | Improper Privilege Management vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. | 8.8 |
| 2023-08-25 | CVE-2019-13690 | Improper Privilege Management vulnerability in Google Chrome Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. | 9.6 |
| 2023-08-23 | CVE-2023-4404 | Improper Privilege Management vulnerability in Wpcharitable Charitable The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. | 9.8 |
| 2023-08-22 | CVE-2023-38734 | Improper Privilege Management vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. | 9.8 |
| 2023-08-14 | CVE-2023-21269 | Improper Privilege Management vulnerability in Google Android 13.0 In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. | 7.8 |
| 2023-08-14 | CVE-2023-3160 | Improper Privilege Management vulnerability in Eset products The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. | 7.8 |
| 2023-08-11 | CVE-2021-28411 | Improper Privilege Management vulnerability in Ruoyi 3.4.0 An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | 9.8 |