Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-01 | CVE-2020-8145 | Improper Privilege Management vulnerability in UI Unifi Video The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. | 4.0 |
2020-04-01 | CVE-2020-11465 | Improper Privilege Management vulnerability in Deskpro An issue was discovered in Deskpro before 2019.8.0. | 6.5 |
2020-04-01 | CVE-2020-11463 | Improper Privilege Management vulnerability in Deskpro An issue was discovered in Deskpro before 2019.8.0. | 5.0 |
2020-04-01 | CVE-2020-3913 | Improper Privilege Management vulnerability in Apple products A permissions issue existed. | 6.8 |
2020-04-01 | CVE-2020-10862 | Improper Privilege Management vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 4.6 |
2020-03-31 | CVE-2020-7009 | Improper Privilege Management vulnerability in Elastic Elasticsearch Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. | 6.5 |
2020-03-31 | CVE-2020-5291 | Improper Privilege Management vulnerability in multiple products Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the `bwrap --userns2` option can be used to make the setuid process keep running as root while being traceable. | 8.5 |
2020-03-27 | CVE-2020-10940 | Improper Privilege Management vulnerability in Phoenixcontact products Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service. | 4.6 |
2020-03-27 | CVE-2020-10939 | Improper Privilege Management vulnerability in Phoenixcontact PC Worx SRT Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation. | 4.6 |
2020-03-27 | CVE-2020-5858 | Improper Privilege Management vulnerability in F5 products On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest or Resource Administrator) with tmsh shell access can execute arbitrary commands with elevated privilege via a crafted tmsh command. | 4.6 |