Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-28 | CVE-2017-2094 | Improper Privilege Management vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Workflow and the "MultiReport" function to alter or delete information via unspecified vectors. | 4.3 |
| 2017-04-27 | CVE-2017-8308 | Improper Privilege Management vulnerability in Avast Antivirus In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. | 7.5 |
| 2017-04-04 | CVE-2017-0360 | Improper Privilege Management vulnerability in Tryton file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. | 5.3 |
| 2017-03-29 | CVE-2017-5671 | Improper Privilege Management vulnerability in Honeywell products Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file. | 8.8 |
| 2017-03-24 | CVE-2017-6507 | Improper Privilege Management vulnerability in multiple products An issue was discovered in AppArmor before 2.12. | 5.9 |
| 2017-03-23 | CVE-2017-5207 | Improper Privilege Management vulnerability in Firejail Project Firejail Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument. | 7.8 |
| 2017-03-19 | CVE-2017-5623 | Improper Privilege Management vulnerability in Oneplus Oxygenos An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. | 6.6 |
| 2017-03-17 | CVE-2017-6954 | Improper Privilege Management vulnerability in Buddypress An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. | 4.3 |
| 2017-03-12 | CVE-2017-5624 | Improper Privilege Management vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2 An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. | 9.8 |
| 2017-03-08 | CVE-2017-1150 | Improper Privilege Management vulnerability in IBM DB2 10.1/10.5/11.1 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to view. | 3.1 |