Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-22 | CVE-2021-21911 | Improper Privilege Management vulnerability in Advantech R-Seenet 2.4.15 A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2021). | 7.2 |
| 2021-12-21 | CVE-2021-36316 | Improper Privilege Management vulnerability in Dell EMC Avamar Server Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. | 6.5 |
| 2021-12-15 | CVE-2021-43835 | Improper Privilege Management vulnerability in Sulu Sulu is an open-source PHP content management system based on the Symfony framework. | 6.5 |
| 2021-12-13 | CVE-2021-39937 | Improper Privilege Management vulnerability in Gitlab A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances | 6.5 |
| 2021-12-13 | CVE-2021-39944 | Improper Privilege Management vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. | 5.5 |
| 2021-12-08 | CVE-2021-37941 | Improper Privilege Management vulnerability in Elastic APM Agent A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. | 4.4 |
| 2021-12-08 | CVE-2021-43528 | Improper Privilege Management vulnerability in multiple products Thunderbird unexpectedly enabled JavaScript in the composition area. | 6.5 |
| 2021-12-08 | CVE-2021-25513 | Improper Privilege Management vulnerability in Google Android 11.0 An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen. | 2.1 |
| 2021-12-03 | CVE-2021-44019 | Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0 An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 7.2 |
| 2021-12-03 | CVE-2021-44020 | Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0 An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 7.2 |