Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-43528 | Improper Privilege Management vulnerability in multiple products Thunderbird unexpectedly enabled JavaScript in the composition area. | 6.5 |
| 2021-12-08 | CVE-2021-25513 | Improper Privilege Management vulnerability in Google Android 11.0 An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen. | 2.4 |
| 2021-12-03 | CVE-2021-44019 | Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0 An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-12-03 | CVE-2021-44020 | Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0 An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-12-03 | CVE-2021-44021 | Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0 An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-11-23 | CVE-2021-35052 | Improper Privilege Management vulnerability in Kaspersky Password Manager 9.0.2 A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High. | 7.8 |
| 2021-11-21 | CVE-2021-28710 | Improper Privilege Management vulnerability in multiple products certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures (page tables) may (and, on suitable hardware, by default will) be shared between CPUs, for second-level translation (EPT), and IOMMUs. | 8.8 |
| 2021-11-18 | CVE-2021-23193 | Improper Privilege Management vulnerability in Gallagher Command Centre Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. | 6.5 |
| 2021-11-18 | CVE-2021-35534 | Improper Privilege Management vulnerability in Hitachienergy products Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. | 7.2 |
| 2021-11-17 | CVE-2021-42956 | Improper Privilege Management vulnerability in Zoho Manageengine Remote Access Plus Server 10.1.2121.1/10.1.2132 Zoho Remote Access Plus Server Windows Desktop Binary fixed in 10.1.2132.6 is affected by a sensitive information disclosure vulnerability. | 8.8 |