Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-03 | CVE-2022-45988 | Improper Privilege Management vulnerability in Starsoftcomm Coocare starsoftcomm CooCare 5.304 allows local attackers to escalate privileges and execute arbitrary commands via a crafted file upload. | 7.8 |
| 2023-03-02 | CVE-2023-26475 | Improper Privilege Management vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 8.8 |
| 2023-03-01 | CVE-2022-27677 | Improper Privilege Management vulnerability in AMD Ryzen Master 2.2.0.1543 Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user. | 7.8 |
| 2023-02-27 | CVE-2022-48283 | Improper Privilege Management vulnerability in Huawei Hilink AI Life 12.0.2.305 A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. | 9.8 |
| 2023-02-27 | CVE-2022-48284 | Improper Privilege Management vulnerability in Huawei Hilink AI Life 12.0.2.305 A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. | 9.8 |
| 2023-02-17 | CVE-2022-43927 | Improper Privilege Management vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. | 7.5 |
| 2023-02-16 | CVE-2022-38378 | Improper Privilege Management vulnerability in Fortinet Fortios and Fortiproxy An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands. | 6.0 |
| 2023-02-16 | CVE-2023-24483 | Improper Privilege Management vulnerability in Citrix Virtual Apps and Desktops A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA. | 7.8 |
| 2023-02-15 | CVE-2022-42735 | Improper Privilege Management vulnerability in Apache Shenyu 2.5.0 Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 . | 8.8 |
| 2023-02-14 | CVE-2023-21777 | Improper Privilege Management vulnerability in Microsoft Azure APP Service on Azure Stack Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability | 8.7 |