Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-14 | CVE-2019-18822 | Improper Privilege Management vulnerability in Eleveo Call Recording 6.3.1 A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account (i.e., the account under which the program runs - by default, the callrec account) to elevate privileges to root by abusing the [email protected]. | 9.0 |
2020-04-12 | CVE-2020-11708 | Improper Privilege Management vulnerability in Provideserver Provide FTP Server 13.1 An issue was discovered in ProVide (formerly zFTPServer) through 13.1. | 9.8 |
2020-04-10 | CVE-2020-4362 | Improper Privilege Management vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. | 6.5 |
2020-04-09 | CVE-2020-10551 | Improper Privilege Management vulnerability in Tencent Qqbrowser QQBrowser before 10.5.3870.400 installs a Windows service TsService.exe. | 7.2 |
2020-04-08 | CVE-2020-8828 | Improper Privilege Management vulnerability in Linuxfoundation Argo Continuous Delivery As of v1.5.0, the default admin password is set to the argocd-server pod name. | 6.5 |
2020-04-08 | CVE-2020-1885 | Improper Privilege Management vulnerability in Oculus Desktop Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file. | 4.6 |
2020-04-08 | CVE-2020-1991 | Improper Privilege Management vulnerability in Paloaltonetworks Traps An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. | 3.6 |
2020-04-08 | CVE-2020-1989 | Improper Privilege Management vulnerability in Paloaltonetworks Globalprotect 5.0/5.0.4/5.1 An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. | 7.2 |
2020-04-07 | CVE-2020-5302 | Improper Privilege Management vulnerability in Mh-Wikibot Project Mh-Wikibot MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. | 6.4 |
2020-04-07 | CVE-2020-11561 | Improper Privilege Management vulnerability in Nchsoftware Express Invoice 7.25 In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen. | 6.5 |