Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-24 | CVE-2023-30622 | Improper Privilege Management vulnerability in Clusternet Clusternet is a general-purpose system for controlling Kubernetes clusters across different environments. | 8.8 |
| 2023-04-24 | CVE-2023-25133 | Improper Privilege Management vulnerability in Cyberpower Powerpanel 4.8.6 Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors. | 9.8 |
| 2023-04-22 | CVE-2023-2240 | Improper Privilege Management vulnerability in Microweber Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4. | 8.8 |
| 2023-04-21 | CVE-2022-47505 | Improper Privilege Management vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. | 7.8 |
| 2023-04-19 | CVE-2023-22645 | Improper Privilege Management vulnerability in Linuxfoundation Kubewarden-Controller An Improper Privilege Management vulnerability in SUSE kubewarden allows attackers to read arbitrary secrets if they get access to the ServiceAccount kubewarden-controller This issue affects: SUSE kubewarden kubewarden-controller versions prior to 1.6.0. | 8.8 |
| 2023-04-18 | CVE-2023-1548 | Improper Privilege Management vulnerability in Schneider-Electric Ecostruxure Control Expert 15.1 A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to perform a denial of service through the console server service that is part of EcoStruxure Control Expert. | 5.5 |
| 2023-04-17 | CVE-2023-22946 | Improper Privilege Management vulnerability in Apache Spark In Apache Spark versions prior to 3.4.0, applications using spark-submit can specify a 'proxy-user' to run as, limiting privileges. | 9.9 |
| 2023-04-13 | CVE-2023-1326 | Improper Privilege Management vulnerability in Canonical Apport A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. | 7.8 |
| 2023-04-12 | CVE-2023-27830 | Improper Privilege Management vulnerability in Tightvnc TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. | 9.0 |
| 2023-04-11 | CVE-2022-27487 | Improper Privilege Management vulnerability in Fortinet Fortideceptor and Fortisandbox A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS requests. | 8.8 |