Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-19 | CVE-2022-30526 | Improper Privilege Management vulnerability in Zyxel products A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device. | 7.8 |
| 2022-07-18 | CVE-2022-26118 | Improper Privilege Management vulnerability in Fortinet Fortianalyzer and Fortimanager A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable files on the system. | 6.7 |
| 2022-07-12 | CVE-2022-33708 | Improper Privilege Management vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | 7.8 |
| 2022-07-12 | CVE-2022-33709 | Improper Privilege Management vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | 7.8 |
| 2022-07-12 | CVE-2022-33710 | Improper Privilege Management vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | 7.8 |
| 2022-06-30 | CVE-2022-23720 | Improper Privilege Management vulnerability in Pingidentity Pingid Integration for Windows Login PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. | 8.2 |
| 2022-06-30 | CVE-2017-20121 | Improper Privilege Management vulnerability in Teradici Pcoip Management Console 2.2.0 A vulnerability was found in Teradici Management Console 2.2.0. | 7.8 |
| 2022-06-28 | CVE-2017-20107 | Improper Privilege Management vulnerability in Shadeyouvpn.Com Project Shadeyouvpn.Com 2.0.1.11 A vulnerability, which was classified as problematic, was found in ShadeYouVPN.com Client 2.0.1.11. | 7.8 |
| 2022-06-24 | CVE-2022-22390 | Improper Privilege Management vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. | 7.5 |
| 2022-06-24 | CVE-2020-21046 | Improper Privilege Management vulnerability in Softonic Eagleget 2.1.5.20 A local privilege escalation vulnerability was identified within the "luminati_net_updater_win_eagleget_com" service in EagleGet Downloader version 2.1.5.20 Stable. | 7.8 |