Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-19 | CVE-2022-36157 | Improper Privilege Management vulnerability in Xuxueli Xxl-Job: XXL-JOB all versions as of 11 July 2022 are vulnerable to Insecure Permissions resulting in the ability to execute admin function with low Privilege account. | 8.8 |
2022-08-19 | CVE-2022-1901 | Improper Privilege Management vulnerability in Octopus Server: In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview. | 5.3 |
2022-08-18 | CVE-2022-2568 | Improper Privilege Management vulnerability in Redhat Ansible Automation Platform 2.0/2.1/2.2: A privilege escalation flaw was found in the Ansible Automation Platform. | 6.5 |
2022-08-18 | CVE-2022-37025 | Improper Privilege Management vulnerability in Mcafee Security Scan Plus: An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. | 7.8 |
2022-08-16 | CVE-2020-10728 | Improper Privilege Management vulnerability in Automationbroker APB: A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. | 7.8 |
2022-08-05 | CVE-2022-2498 | Improper Privilege Management vulnerability in Gitlab: An issue in pipeline subscriptions in GitLab EE affecting all versions from 12.8 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 triggered new pipelines with the person who created the tag as the pipeline creator instead of the subscription's author. | 7.5 |
2022-08-05 | CVE-2022-36833 | Improper Privilege Management vulnerability in Samsung Gameoptimizingservice: Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name. | 7.8 |
2022-08-04 | CVE-2022-33962 | Improper Privilege Management vulnerability in F5 products: In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. | 6.7 |
2022-08-04 | CVE-2022-35243 | Improper Privilege Management vulnerability in F5 products: In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.5.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, using an undisclosed iControl REST endpoint. | 9.1 |
2022-08-01 | CVE-2022-2273 | Improper Privilege Management vulnerability in Simple-Membership-Plugin Simple Membership: The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membership_level parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request. | 8.8 |