Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-03 | CVE-2023-20854 | Improper Privilege Management vulnerability in VMWare Workstation 17.0 VMware Workstation contains an arbitrary file deletion vulnerability. | 8.4 |
| 2023-02-02 | CVE-2020-24307 | Improper Privilege Management vulnerability in Mremoteng 1.76.20 An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. | 7.8 |
| 2023-02-01 | CVE-2022-45101 | Improper Privilege Management vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. | 9.8 |
| 2023-01-31 | CVE-2022-4041 | Improper Privilege Management vulnerability in Hitachi Storage Plug-In 04.8.0/04.9.0 Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.1. | 8.8 |
| 2023-01-31 | CVE-2022-4441 | Improper Privilege Management vulnerability in Hitachi Storage Plug-In 04.8.0/04.9.0 Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.9.0 before 04.9.1. | 8.8 |
| 2023-01-20 | CVE-2023-0101 | Improper Privilege Management vulnerability in Tenable Nessus A privilege escalation vulnerability was identified in Nessus versions 8.10.1 through 8.15.8 and 10.0.0 through 10.4.1. | 8.8 |
| 2023-01-20 | CVE-2023-22331 | Improper Privilege Management vulnerability in Contec Conprosys HMI System Use of default credentials vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information. | 7.5 |
| 2023-01-18 | CVE-2023-22809 | Improper Privilege Management vulnerability in multiple products In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. | 7.8 |
| 2023-01-13 | CVE-2023-0221 | Improper Privilege Management vulnerability in Mcafee Application and Change Control Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. | 4.4 |
| 2023-01-08 | CVE-2022-0668 | Improper Privilege Management vulnerability in Jfrog Artifactory JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user. | 9.8 |