Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-30 | CVE-2018-10514 | Improper Privilege Management vulnerability in Trendmicro products A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.8 |
| 2018-08-29 | CVE-2018-15912 | Improper Privilege Management vulnerability in Manjaro Linux An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. | 7.8 |
| 2018-08-23 | CVE-2018-14791 | Improper Privilege Management vulnerability in Emerson Deltav Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products. | 7.8 |
| 2018-08-22 | CVE-2018-14787 | Improper Privilege Management vulnerability in Philips Intellispace Cardiovascular and Xcelera In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticated users have write permissions, and could then execute arbitrary code with local administrative permissions. | 7.8 |
| 2018-08-20 | CVE-2018-1000648 | Improper Privilege Management vulnerability in Librehealth EHR 2.0.0 LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. | 8.8 |
| 2018-08-20 | CVE-2018-1000634 | Improper Privilege Management vulnerability in Openmicroscopy Omero The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Improper Access Control vulnerability in User management that can result in administrative user with privilege restrictions logging in as a more powerful administrator. | 7.2 |
| 2018-08-15 | CVE-2018-0428 | Improper Privilege Management vulnerability in Cisco web Security Appliance A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. | 6.7 |
| 2018-08-02 | CVE-2018-14836 | Improper Privilege Management vulnerability in Subrion CMS 4.2.1 Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it (but not perform actions) if the Guests user group has access to the Admin panel. | 6.5 |
| 2018-08-01 | CVE-2018-1999032 | Improper Privilege Management vulnerability in Agiletestware Pangolin Connector for Testrail 2.1 A data modification vulnerability exists in Jenkins Agiletestware Pangolin Connector for TestRail Plugin 2.1 and earlier in GlobalConfig.java that allows attackers with Overall/Read permission to override this plugin's configuration by sending crafted HTTP requests to an unprotected endpoint. | 6.5 |
| 2018-07-26 | CVE-2018-0613 | Improper Privilege Management vulnerability in Necplatforms products NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote authenticated attackers to bypass access restriction to conduct arbitrary operations with administrative privilege via unspecified vectors. | 8.8 |