Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-22 | CVE-2022-0222 | Improper Privilege Management vulnerability in Schneider-Electric products A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. | 7.5 |
| 2022-11-18 | CVE-2022-42459 | Improper Privilege Management vulnerability in Oxilab Image Hover Effects Ultimate Auth. | 7.2 |
| 2022-11-18 | CVE-2022-43308 | Improper Privilege Management vulnerability in Intelbras SG 2404 MR Firmware and SG 2404 POE Firmware INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies. | 7.8 |
| 2022-11-14 | CVE-2022-45183 | Improper Privilege Management vulnerability in Ironmansoftware Powershell Universal Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. | 8.8 |
| 2022-11-10 | CVE-2022-39395 | Improper Privilege Management vulnerability in Go-Vela UI Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. | 9.9 |
| 2022-10-29 | CVE-2022-41974 | Improper Privilege Management vulnerability in multiple products multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. | 7.8 |
| 2022-10-25 | CVE-2022-28169 | Improper Privilege Management vulnerability in Broadcom Fabric Operating System Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools, user, to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user. | 8.8 |
| 2022-10-21 | CVE-2022-34438 | Improper Privilege Management vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. | 6.7 |
| 2022-10-18 | CVE-2022-22239 | Improper Privilege Management vulnerability in Juniper Junos OS Evolved An Execution with Unnecessary Privileges vulnerability in Management Daemon (mgd) of Juniper Networks Junos OS Evolved allows a locally authenticated attacker with low privileges to escalate their privileges on the device and potentially remote systems. | 8.8 |
| 2022-10-17 | CVE-2022-3421 | Improper Privilege Management vulnerability in Google Drive An attacker can pre-create the `/Applications/Google\ Drive.app/Contents/MacOS` directory which is expected to be owned by root to be owned by a non-root user. | 7.3 |