Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-0784 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. | 7.2 |
| 2020-04-15 | CVE-2020-2908 | Improper Privilege Management vulnerability in multiple products Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 4.6 |
| 2020-04-15 | CVE-2020-2907 | Improper Privilege Management vulnerability in multiple products Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 4.6 |
| 2020-04-15 | CVE-2020-7255 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. | 4.4 |
| 2020-04-15 | CVE-2020-7274 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges). | 7.8 |
| 2020-04-15 | CVE-2020-7273 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters. | 5.5 |
| 2020-04-15 | CVE-2020-7259 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file | 7.8 |
| 2020-04-15 | CVE-2020-7257 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. | 6.3 |
| 2020-04-14 | CVE-2020-8327 | Improper Privilege Management vulnerability in Lenovo Vantage 10.2001.12.0 A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges. | 7.2 |
| 2020-04-14 | CVE-2020-8319 | Improper Privilege Management vulnerability in Lenovo System Interface Foundation 1.0.66.0/1.1.18.3 A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges. | 7.2 |