Vulnerabilities > Improper Privilege Management

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2020-05-07 | CVE-2020-6652 | Improper Privilege Management vulnerability in Eaton Intelligent Power Manager 1.6/1.67 | Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. | local | low complexity | eaton | CWE-269 | 4.6 |
| 2020-05-07 | CVE-2020-12689 | Improper Privilege Management vulnerability in multiple products | An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. | network | low complexity | openstack canonical | CWE-269 | 8.8 |
| 2020-05-06 | CVE-2019-4266 | Improper Privilege Management vulnerability in IBM Maximo Anywhere | IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 does not have device jailbreak detection which could result in an attacker gaining sensitive information about the device. | local | low complexity | ibm | CWE-269 | 2.1 |
| 2020-05-05 | CVE-2020-12463 | Improper Privilege Management vulnerability in Avira Software Updater | An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. | local | low complexity | avira | CWE-269 | 4.6 |
| 2020-05-04 | CVE-2020-11671 | Improper Privilege Management vulnerability in Teampass | Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. | network | | teampass | CWE-269 | 5.8 |
| 2020-04-30 | CVE-2020-1817 | Improper Privilege Management vulnerability in Huawei Pcmanager 9.0.1.50/9.1.3.1 | Huawei PCManager with versions earlier than 10.0.1.36 has a privilege escalation vulnerability. | local | low complexity | huawei | CWE-269 | 4.6 |
| 2020-04-29 | CVE-2020-12473 | Improper Privilege Management vulnerability in Mono Monox 5.1.40.5152 | MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program. | network | low complexity | mono | CWE-269 | critical 9.0 |
| 2020-04-29 | CVE-2020-12275 | Improper Privilege Management vulnerability in Gitlab | GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API. | network | low complexity | gitlab | CWE-269 | 5.0 |
| 2020-04-29 | CVE-2020-2575 | Improper Privilege Management vulnerability in Oracle VM Virtualbox | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | local | | oracle | CWE-269 | 4.4 |
| 2020-04-29 | CVE-2020-12446 | Improper Privilege Management vulnerability in Gskill Trident Z Lighting Control | The ene.sys driver in G.SKILL Trident Z Lighting Control through 1.00.08 exposes mapping and un-mapping of physical memory, reading and writing to Model Specific Register (MSR) registers, and input from and output to I/O ports to local non-privileged users. | local | low complexity | gskill | CWE-269 | 7.2 |