Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-10 | CVE-2022-39395 | Improper Privilege Management vulnerability in Go-Vela UI Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. | 9.9 |
| 2022-11-01 | CVE-2022-3369 | Improper Privilege Management vulnerability in Bitdefender Engines An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. | 5.5 |
| 2022-10-31 | CVE-2022-3419 | Improper Privilege Management vulnerability in Addify Automatic User Roles Switcher The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator | 6.5 |
| 2022-10-29 | CVE-2022-41974 | Improper Privilege Management vulnerability in multiple products multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. | 7.8 |
| 2022-10-26 | CVE-2022-43749 | Improper Privilege Management vulnerability in Synology Presto File Server Improper privilege management vulnerability in summary report management in Synology Presto File Server before 2.1.2-1601 allows remote authenticated users to bypass security constraint via unspecified vectors. | 8.8 |
| 2022-10-25 | CVE-2022-28169 | Improper Privilege Management vulnerability in Broadcom Fabric Operating System Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools, user, to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user. | 8.8 |
| 2022-10-21 | CVE-2022-34438 | Improper Privilege Management vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. | 6.7 |
| 2022-10-19 | CVE-2022-41835 | Improper Privilege Management vulnerability in F5 F5Os-A and F5Os-C In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated local attacker to execute limited set of commands in a container and impact the F5OS controller. | 8.8 |
| 2022-10-18 | CVE-2022-22239 | Improper Privilege Management vulnerability in Juniper Junos OS Evolved An Execution with Unnecessary Privileges vulnerability in Management Daemon (mgd) of Juniper Networks Junos OS Evolved allows a locally authenticated attacker with low privileges to escalate their privileges on the device and potentially remote systems. | 8.8 |
| 2022-10-17 | CVE-2022-3421 | Improper Privilege Management vulnerability in Google Drive An attacker can pre-create the `/Applications/Google\ Drive.app/Contents/MacOS` directory which is expected to be owned by root to be owned by a non-root user. | 7.3 |