Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2022-22266 Improper Privilege Management vulnerability in Google Android 10.0/11.0/9.0
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission.
local
low complexity
google CWE-269
3.3
2022-01-10 CVE-2021-45440 Improper Privilege Management vulnerability in Trendmicro products
A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges.
local
low complexity
trendmicro CWE-269
7.8
2022-01-04 CVE-2021-41388 Improper Privilege Management vulnerability in Netskope
Netskope client prior to 89.x on macOS is impacted by a local privilege escalation vulnerability.
local
low complexity
netskope CWE-269
7.8
2022-01-03 CVE-2021-39982 Improper Privilege Management vulnerability in Huawei Harmonyos 2.0
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
network
low complexity
huawei CWE-269
critical
9.1
2021-12-27 CVE-2021-21750 Improper Privilege Management vulnerability in ZTE Zxin10 CMS
ZTE BigVideo Analysis product has a privilege escalation vulnerability.
local
low complexity
zte CWE-269
7.8
2021-12-23 CVE-2018-4478 Improper Privilege Management vulnerability in Apple mac OS X
A validation issue was addressed with improved logic.
low complexity
apple CWE-269
6.8
2021-12-22 CVE-2021-21911 Improper Privilege Management vulnerability in Advantech R-Seenet 2.4.15
A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021).
local
low complexity
advantech CWE-269
7.8
2021-12-21 CVE-2021-36316 Improper Privilege Management vulnerability in Dell EMC Avamar Server
Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI.
network
low complexity
dell CWE-269
7.2
2021-12-13 CVE-2021-39937 Improper Privilege Management vulnerability in Gitlab
A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances
network
low complexity
gitlab CWE-269
8.8
2021-12-13 CVE-2021-39944 Improper Privilege Management vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.
network
low complexity
gitlab CWE-269
7.1