Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2023-22331 | Improper Privilege Management vulnerability in Contec Conprosys HMI System Use of default credentials vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information. | 7.5 |
| 2023-01-18 | CVE-2023-22809 | Improper Privilege Management vulnerability in multiple products In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. | 7.8 |
| 2023-01-13 | CVE-2023-0221 | Improper Privilege Management vulnerability in Mcafee Application and Change Control Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. | 4.4 |
| 2023-01-08 | CVE-2022-0668 | Improper Privilege Management vulnerability in Jfrog Artifactory JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user. | 9.8 |
| 2022-12-28 | CVE-2022-46172 | Improper Privilege Management vulnerability in Goauthentik Authentik authentik is an open-source Identity provider focused on flexibility and versatility. | 6.4 |
| 2022-12-25 | CVE-2022-37706 | Improper Privilege Management vulnerability in Enlightenment enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. | 7.8 |
| 2022-12-23 | CVE-2022-41290 | Improper Privilege Management vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. | 8.4 |
| 2022-12-23 | CVE-2022-38757 | Improper Privilege Management vulnerability in Microfocus Zenworks 2020 A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. | 7.2 |
| 2022-12-23 | CVE-2022-4687 | Improper Privilege Management vulnerability in Usememos Memos Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0. | 8.1 |
| 2022-12-21 | CVE-2022-46334 | Improper Privilege Management vulnerability in Proofpoint Enterprise Protection Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. | 7.8 |