Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-12 | CVE-2023-27830 | Improper Privilege Management vulnerability in Tightvnc TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. | 9.0 |
| 2023-04-11 | CVE-2022-27487 | Improper Privilege Management vulnerability in Fortinet Fortideceptor and Fortisandbox A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS requests. | 8.8 |
| 2023-03-29 | CVE-2023-0664 | Improper Privilege Management vulnerability in multiple products A flaw was found in the QEMU Guest Agent service for Windows. | 7.8 |
| 2023-03-23 | CVE-2023-28436 | Improper Privilege Management vulnerability in Tailscale Tailscale is software for using Wireguard and multi-factor authentication (MFA). | 8.0 |
| 2023-03-22 | CVE-2022-43863 | Improper Privilege Management vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. | 7.2 |
| 2023-03-22 | CVE-2023-25590 | Improper Privilege Management vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. | 7.8 |
| 2023-03-16 | CVE-2023-21458 | Improper Privilege Management vulnerability in Samsung Android 11.0/12.0/13.0 Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent. | 3.3 |
| 2023-03-16 | CVE-2023-24760 | Improper Privilege Management vulnerability in Ofcms Project Ofcms 1.1.4 An issue found in Ofcms v.1.1.4 allows a remote attacker to to escalate privileges via the respwd method in SysUserController. | 8.8 |
| 2023-03-12 | CVE-2022-48365 | Improper Privilege Management vulnerability in Ibexa Digital Experience Platform and EZ Platform Kernel An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. | 7.2 |
| 2023-03-07 | CVE-2022-39953 | Improper Privilege Management vulnerability in Fortinet Fortinac A improper privilege management in Fortinet FortiNAC version 9.4.0 through 9.4.1, FortiNAC version 9.2.0 through 9.2.6, FortiNAC version 9.1.0 through 9.1.8, FortiNAC all versions 8.8, FortiNAC all versions 8.7, FortiNAC all versions 8.6, FortiNAC all versions 8.5, FortiNAC version 8.3.7 allows attacker to escalation of privilege via specially crafted commands. | 7.8 |