Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-37941 | Improper Privilege Management vulnerability in Elastic APM Agent A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. | 7.8 |
| 2021-12-08 | CVE-2021-43528 | Improper Privilege Management vulnerability in multiple products Thunderbird unexpectedly enabled JavaScript in the composition area. | 6.5 |
| 2021-12-08 | CVE-2021-25513 | Improper Privilege Management vulnerability in Google Android 11.0 An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen. | 2.4 |
| 2021-12-03 | CVE-2021-44019 | Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0 An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-12-03 | CVE-2021-44020 | Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0 An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-12-03 | CVE-2021-44021 | Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0 An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-11-23 | CVE-2021-35052 | Improper Privilege Management vulnerability in Kaspersky Password Manager 9.0.2 A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High. | 7.8 |
| 2021-11-21 | CVE-2021-28710 | Improper Privilege Management vulnerability in multiple products certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures (page tables) may (and, on suitable hardware, by default will) be shared between CPUs, for second-level translation (EPT), and IOMMUs. | 8.8 |
| 2021-11-18 | CVE-2021-23193 | Improper Privilege Management vulnerability in Gallagher Command Centre Improper privilege validation vulnerability in COM Interface of Gallagher Command Centre Server allows authenticated unprivileged operators to retrieve sensitive information from the Command Centre Server. | 6.5 |
| 2021-11-18 | CVE-2021-35534 | Improper Privilege Management vulnerability in Hitachienergy products Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. | 7.2 |