Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-23 | CVE-2022-41290 | Improper Privilege Management vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. | 8.4 |
| 2022-12-23 | CVE-2022-38757 | Improper Privilege Management vulnerability in Microfocus Zenworks 2020 A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. | 7.2 |
| 2022-12-23 | CVE-2022-4687 | Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0. | 8.1 |
| 2022-12-21 | CVE-2022-46334 | Improper Privilege Management vulnerability in Proofpoint Enterprise Protection Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. | 7.8 |
| 2022-12-21 | CVE-2022-38065 | Improper Privilege Management vulnerability in Redhat Openstack A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. | 8.8 |
| 2022-12-20 | CVE-2022-42046 | wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation | 7.8 |
| 2022-12-13 | CVE-2022-38124 | Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner. | 6.5 |
| 2022-12-13 | CVE-2022-41268 | Improper Privilege Management vulnerability in SAP Business Planning and Consolidation In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. | 7.5 |
| 2022-12-12 | CVE-2022-4314 | Improper Privilege Management vulnerability in Ikus-Soft Rdiffweb Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2. | 9.8 |
| 2022-12-12 | CVE-2022-37929 | Improper Privilege Management vulnerability in HPE products Improper Privilege Management vulnerability in Hewlett Packard Enterprise Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays. | 5.5 |