Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-27 | CVE-2022-48284 | Improper Privilege Management vulnerability in Huawei Hilink AI Life 12.0.2.305 A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. | 9.8 |
| 2023-02-17 | CVE-2022-43927 | Improper Privilege Management vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. | 7.5 |
| 2023-02-16 | CVE-2022-38378 | Improper Privilege Management vulnerability in Fortinet Fortios and Fortiproxy An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands. | 6.0 |
| 2023-02-16 | CVE-2023-24483 | Improper Privilege Management vulnerability in Citrix Virtual Apps and Desktops A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA. | 7.8 |
| 2023-02-15 | CVE-2022-42735 | Improper Privilege Management vulnerability in Apache Shenyu 2.5.0 Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 . | 8.8 |
| 2023-02-14 | CVE-2023-21777 | Improper Privilege Management vulnerability in Microsoft Azure APP Service on Azure Stack Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability | 8.7 |
| 2023-02-14 | CVE-2023-25149 | Improper Privilege Management vulnerability in Timescale Timescaledb TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. | 8.8 |
| 2023-02-11 | CVE-2022-34384 | Improper Privilege Management vulnerability in Dell products Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. | 7.8 |
| 2023-02-09 | CVE-2023-21421 | Improper Privilege Management vulnerability in Samsung Android 10.0/11.0 Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN. | 7.8 |
| 2023-02-08 | CVE-2022-38777 | Improper Privilege Management vulnerability in Elastic Endgame and Endpoint Security An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. | 7.8 |