Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-12 | CVE-2022-2249 | Improper Privilege Management vulnerability in Avaya Aura Communication Manager Privilege escalation related vulnerabilities were discovered in Avaya Aura Communication Manager that may allow local administrative users to escalate their privileges. | 6.7 |
| 2022-10-06 | CVE-2022-2637 | Improper Privilege Management vulnerability in Hitachi Storage Plug-In 04.8.0 Incorrect Privilege Assignment vulnerability in Hitachi Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation.This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.0. | 8.8 |
| 2022-09-27 | CVE-2022-41604 | Improper Privilege Management vulnerability in Checkpoint Zonealarm Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. | 8.8 |
| 2022-09-19 | CVE-2022-38351 | Improper Privilege Management vulnerability in Supremainc Biostar 2 2.8.16 A vulnerability in Suprema BioStar (aka Bio Star) 2 v2.8.16 allows attackers to escalate privileges to System Administrator via a crafted PUT request to the update profile page. | 8.8 |
| 2022-09-19 | CVE-2022-40142 | Improper Privilege Management vulnerability in Trendmicro Apex ONE 2019 A security link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service agents could allow a local attacker to create a writable folder in an arbitrary location and escalate privileges on affected installations. | 7.8 |
| 2022-09-15 | CVE-2022-36075 | Improper Privilege Management vulnerability in Nextcloud Files Access Control Nextcloud files access control is a nextcloud app to manage access control for files. | 4.3 |
| 2022-09-13 | CVE-2022-22483 | Improper Privilege Management vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. | 6.5 |
| 2022-09-13 | CVE-2022-39202 | Improper Privilege Management vulnerability in Matrix IRC Bridge matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. | 6.3 |
| 2022-09-09 | CVE-2022-36861 | Improper Privilege Management vulnerability in Google Android 10.0/11.0/12.0 Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege. | 5.3 |
| 2022-09-09 | CVE-2022-40297 | Improper Privilege Management vulnerability in Ubports Ubuntu Touch 16.04 UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. | 7.8 |