Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2021-09-15 CVE-2021-33697 Improper Privilege Management vulnerability in SAP Businessobjects Business Intelligence 420/430
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
network
low complexity
sap CWE-269
6.1
2021-09-14 CVE-2021-40354 Improper Privilege Management vulnerability in Siemens Teamcenter Visualization
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2).
network
low complexity
siemens CWE-269
7.1
2021-09-08 CVE-2021-1813 Improper Privilege Management vulnerability in Apple products
A validation issue was addressed with improved logic.
local
low complexity
apple CWE-269
7.8
2021-09-08 CVE-2021-1836 Improper Privilege Management vulnerability in Apple Iphone OS
A logic issue was addressed with improved restrictions.
local
low complexity
apple CWE-269
5.5
2021-09-08 CVE-2021-1839 Improper Privilege Management vulnerability in Apple mac OS X and Macos
The issue was addressed with improved permissions logic.
local
low complexity
apple CWE-269
7.8
2021-09-08 CVE-2021-1851 Improper Privilege Management vulnerability in Apple products
A logic issue was addressed with improved state management.
network
low complexity
apple CWE-269
8.8
2021-09-08 CVE-2021-1853 Improper Privilege Management vulnerability in Apple Macos
A logic issue was addressed with improved state management.
local
low complexity
apple CWE-269
7.8
2021-09-08 CVE-2021-1868 Improper Privilege Management vulnerability in Apple products
A logic issue was addressed with improved state management.
local
low complexity
apple CWE-269
7.8
2021-09-07 CVE-2021-35946 Improper Privilege Management vulnerability in Owncloud
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.
network
low complexity
owncloud CWE-269
critical
9.8
2021-09-03 CVE-2021-39192 Improper Privilege Management vulnerability in Ghost
Ghost is a Node.js content management system.
network
low complexity
ghost CWE-269
7.2