Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-11-27 | CVE-2017-15053 | Improper Privilege Management vulnerability in Teampass: TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting roles.queries.php. | 4.9 |
2017-11-27 | CVE-2017-15052 | Improper Privilege Management vulnerability in Teampass: TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting users.queries.php. | 4.9 |
2017-11-17 | CVE-2017-1000241 | Improper Privilege Management vulnerability in Open-Emr Openemr 5.0.1: The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege escalation vulnerability. | 8.1 |
2017-11-14 | CVE-2017-12635 | Improper Privilege Management vulnerability in Apache Couchdb: Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. | 9.8 |
2017-11-11 | CVE-2017-16520 | Improper Privilege Management vulnerability in Inedo Buildmaster: Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners. | 7.5 |
2017-11-06 | CVE-2017-14031 | Improper Privilege Management vulnerability in Trihedral Vtscada: An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. | 7.8 |
2017-11-03 | CVE-2017-1000156 | Improper Privilege Management vulnerability in Mahara: Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a group's configuration page being editable by any group member even when they didn't have the admin role. | 6.5 |
2017-10-30 | CVE-2017-9450 | Improper Privilege Management vulnerability in Amazon web Services Cloudformation Bootstrap: The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory. | 7.8 |
2017-10-27 | CVE-2017-5084 | Improper Privilege Management vulnerability in Google Chrome OS: Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint. | 3.3 |
2017-10-26 | CVE-2017-15917 | Improper Privilege Management vulnerability in Paessler Prtg Network Monitor 17.3.33.2830: In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server. | 6.5 |