Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-04 | CVE-2023-25521 | Improper Privilege Management vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. | 7.8 |
| 2023-06-28 | CVE-2023-20136 | Improper Privilege Management vulnerability in Cisco Secure Workload A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. | 6.5 |
| 2023-06-26 | CVE-2023-34146 | Improper Privilege Management vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34147 and CVE-2023-34148. | 7.8 |
| 2023-06-26 | CVE-2023-34147 | Improper Privilege Management vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34148. | 7.8 |
| 2023-06-26 | CVE-2023-34148 | Improper Privilege Management vulnerability in Trendmicro Apex ONE An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34147. | 7.8 |
| 2023-06-23 | CVE-2023-34465 | Improper Privilege Management vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 8.1 |
| 2023-06-23 | CVE-2023-31469 | Improper Privilege Management vulnerability in Apache Streampipes A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. | 8.8 |
| 2023-06-16 | CVE-2023-25185 | Improper Privilege Management vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 7.8 |
| 2023-06-16 | CVE-2023-25188 | Improper Privilege Management vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 7.8 |
| 2023-06-15 | CVE-2023-2847 | Improper Privilege Management vulnerability in Eset Cyber Security, Endpoint Antivirus and Server Security During internal security analysis, a local privilege escalation vulnerability has been identified. | 7.8 |