Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-21 | CVE-2020-1077 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. | 4.6 |
| 2020-05-21 | CVE-2020-1071 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows improperly handles errors tied to Remote Access Common Dialog, aka 'Windows Remote Access Common Dialog Elevation of Privilege Vulnerability'. | 7.2 |
| 2020-05-21 | CVE-2020-1070 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. | 7.2 |
| 2020-05-21 | CVE-2020-1068 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. | 7.2 |
| 2020-05-21 | CVE-2020-1066 | Improper Privilege Management vulnerability in Microsoft .Net Framework 3.0/3.5.1 An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'. | 4.6 |
| 2020-05-21 | CVE-2020-1010 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. | 7.2 |
| 2020-05-20 | CVE-2020-1955 | Improper Privilege Management vulnerability in Apache Couchdb 3.0.0 CouchDB version 3.0.0 shipped with a new configuration setting that governs access control to the entire database server called `require_valid_user_except_for_up`. | 6.8 |
| 2020-05-19 | CVE-2020-8021 | Improper Privilege Management vulnerability in multiple products a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5. | 4.3 |
| 2020-05-18 | CVE-2019-17066 | Improper Privilege Management vulnerability in Ivanti Workspace Control In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. | 7.2 |
| 2020-05-15 | CVE-2020-12798 | Improper Privilege Management vulnerability in Sun-Denshi Universal Forensic Extraction Device Firmware 5.0/7.5.0.845 Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based Authentication option of the Wireless Network Connection screen. | 4.6 |