Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-4009 Improper Privilege Management vulnerability in MongoDB Ops Manager Server
In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an authenticated user with project owner or project user admin access to generate an API key with the privileges of org owner resulting in privilege escalation.
network
low complexity
mongodb CWE-269
7.2
2023-08-07 CVE-2023-39520 Improper Privilege Management vulnerability in Cryptomator
Cryptomator encrypts data being stored on cloud infrastructure.
local
low complexity
cryptomator CWE-269
7.8
2023-08-02 CVE-2023-31432 Improper Privilege Management vulnerability in Broadcom Brocade Fabric Operating System
Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.
local
low complexity
broadcom CWE-269
7.8
2023-07-25 CVE-2023-37907 Improper Privilege Management vulnerability in Cryptomator
Cryptomator is data encryption software for users who store their files in the cloud.
local
low complexity
cryptomator CWE-269
7.8
2023-07-14 CVE-2023-3513 Improper Privilege Management vulnerability in Razer Central
Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and triggering an insecure .NET deserialization.
local
low complexity
razer CWE-269
7.8
2023-07-14 CVE-2023-3514 Improper Privilege Management vulnerability in Razer Central
Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer RazerCentral <=7.11.0.558 on Windows allows a malicious actor with local access to gain SYSTEM privilege via communicating with the named pipe as a low-privilege user and calling the "AddModule" or "UninstallModules" command to execute an arbitrary executable file.
local
low complexity
razer CWE-269
7.8
2023-07-10 CVE-2021-42082 Improper Privilege Management vulnerability in Osnexus Quantastor 4.3.0
Local users are able to execute scripts under root privileges.
local
low complexity
osnexus CWE-269
7.8
2023-07-10 CVE-2023-27558 Improper Privilege Management vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5
IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path.
local
low complexity
ibm CWE-269
7.8
2023-07-10 CVE-2023-29256 Improper Privilege Management vulnerability in IBM DB2 10.5.0.11/11.1.4.7/11.5
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features are used.
network
low complexity
ibm CWE-269
6.5
2023-07-06 CVE-2023-30642 Improper Privilege Management vulnerability in Samsung Android 12.0/13.0
Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call a privileged function.
local
low complexity
samsung CWE-269
5.5