Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-13 | CVE-2019-3651 | Improper Privilege Management vulnerability in Mcafee Advanced Threat Defense Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive. | 8.8 |
| 2019-11-13 | CVE-2010-4664 | Improper Privilege Management vulnerability in multiple products In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. | 6.5 |
| 2019-11-13 | CVE-2019-2197 | Improper Privilege Management vulnerability in Google Android In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. | 2.1 |
| 2019-11-13 | CVE-2019-2193 | Improper Privilege Management vulnerability in Google Android In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. | 7.2 |
| 2019-11-12 | CVE-2019-1388 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'. | 7.2 |
| 2019-11-09 | CVE-2019-18845 | Improper Privilege Management vulnerability in Patriotmemory Viper RGB Firmware 1.0 The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection. | 3.6 |
| 2019-11-08 | CVE-2019-18623 | Improper Privilege Management vulnerability in Energycap 7.0.0/7.5.6 Escalation of privileges in EnergyCAP 7 through 7.5.6 allows an attacker to access data. | 7.5 |
| 2019-11-06 | CVE-2006-4243 | Improper Privilege Management vulnerability in Linux-Vserver linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code. | 10.0 |
| 2019-11-04 | CVE-2013-4251 | Improper Privilege Management vulnerability in multiple products The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. | 4.6 |
| 2019-10-31 | CVE-2013-2012 | Improper Privilege Management vulnerability in multiple products autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install directory in the current working directory. | 4.4 |