Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-07 | CVE-2021-35946 | Improper Privilege Management vulnerability in Owncloud A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions. | 9.8 |
| 2021-09-03 | CVE-2021-39192 | Improper Privilege Management vulnerability in Ghost Ghost is a Node.js content management system. | 7.2 |
| 2021-09-01 | CVE-2021-30355 | Improper Privilege Management vulnerability in Amazon Kindle Firmware Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root. | 8.6 |
| 2021-08-27 | CVE-2021-39167 | Improper Privilege Management vulnerability in Openzeppelin Contracts OpenZepplin is a library for smart contract development. | 9.8 |
| 2021-08-27 | CVE-2021-39168 | Improper Privilege Management vulnerability in Openzeppelin Contracts OpenZepplin is a library for smart contract development. | 9.8 |
| 2021-08-25 | CVE-2021-1579 | Improper Privilege Management vulnerability in Cisco products A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges on an affected system. | 8.8 |
| 2021-08-23 | CVE-2021-29802 | Improper Privilege Management vulnerability in IBM Resilient Security Orchestration Automation and Response IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.5 |
| 2021-08-19 | CVE-2021-24038 | Improper Privilege Management vulnerability in Oculus Desktop 1.39/1.44.0.32849 Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. | 7.8 |
| 2021-08-18 | CVE-2021-34745 | Improper Privilege Management vulnerability in Cisco Appdynamics .Net Agent A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. | 7.8 |
| 2021-08-13 | CVE-2021-37345 | Improper Privilege Management vulnerability in Nagios XI Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because xi-sys.cfg is being imported from the var directory for some scripts with elevated permissions. | 7.8 |