Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2017-03-08 CVE-2017-1150 Improper Privilege Management vulnerability in IBM DB2 10.1/10.5/11.1
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to view tables that they should not be permitted to view.
network
ibm CWE-269
3.5
2017-03-02 CVE-2017-6401 Improper Privilege Management vulnerability in Veritas Netbackup and Netbackup Appliance
An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0.
local
low complexity
veritas CWE-269
4.6
2017-02-27 CVE-2017-6342 Improper Privilege Management vulnerability in Dahuasecurity Camera Firmware, NVR Firmware and Smartpss Firmware
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19.
network
low complexity
dahuasecurity CWE-269
critical
10.0
2017-02-15 CVE-2017-0310 Improper Privilege Management vulnerability in Nvidia GPU Driver
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allow an unprivileged user to cause a denial of service.
local
low complexity
nvidia freebsd linux microsoft oracle CWE-269
4.9
2017-02-13 CVE-2017-5142 Improper Privilege Management vulnerability in Honeywell XL web II Controller Xlwebexe10208/Xlwebexe20100
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior.
network
low complexity
honeywell CWE-269
6.5
2017-02-09 CVE-2017-5940 Improper Privilege Management vulnerability in Firejail Project Firejail
Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.
local
low complexity
firejail-project CWE-269
4.6
2017-01-30 CVE-2017-5572 Improper Privilege Management vulnerability in Citrix Xenserver
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0.
network
low complexity
citrix CWE-269
5.5
2017-01-27 CVE-2017-3257 Improper Privilege Management vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).
network
low complexity
oracle mariadb debian CWE-269
4.0
2016-10-14 CVE-2016-3376 Improper Privilege Management vulnerability in Microsoft products
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3266, CVE-2016-7185, and CVE-2016-7211.
network
microsoft CWE-269
critical
9.3
2016-07-11 CVE-2016-2067 Improper Privilege Management vulnerability in multiple products
drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993.
network
google linux CWE-269
critical
9.3