Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2022-20112 | Improper Privilege Management vulnerability in Google Android In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. | 5.5 |
| 2022-05-10 | CVE-2022-20114 | Improper Privilege Management vulnerability in Google Android In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. | 7.8 |
| 2022-05-10 | CVE-2022-1397 | Improper Privilege Management vulnerability in Easyappointments API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | 8.8 |
| 2022-05-06 | CVE-2021-27765 | Improper Privilege Management vulnerability in Hcltech Bigfix Platform The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. | 7.8 |
| 2022-05-06 | CVE-2021-27766 | Improper Privilege Management vulnerability in Hcltech Bigfix Platform The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. | 7.8 |
| 2022-05-06 | CVE-2021-27767 | Improper Privilege Management vulnerability in Hcltech Bigfix Platform The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. | 7.8 |
| 2022-05-04 | CVE-2022-25782 | Improper Privilege Management vulnerability in Secomea products Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. | 5.4 |
| 2022-05-03 | CVE-2022-20759 | Improper Privilege Management vulnerability in Cisco Firepower Threat Defense A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. | 8.8 |
| 2022-05-02 | CVE-2021-36784 | Improper Privilege Management vulnerability in Suse Rancher A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. | 7.2 |
| 2022-04-29 | CVE-2021-36207 | Improper Privilege Management vulnerability in Johnsoncontrols products Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator. | 8.8 |