Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2023-12-29 CVE-2023-51435 Improper Privilege Management vulnerability in Hihonor Magic UI
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.
local
low complexity
hihonor CWE-269
7.1
7.1
2023-12-29 CVE-2023-23427 Improper Privilege Management vulnerability in Hihonor Magic OS
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
network
low complexity
hihonor CWE-269
7.5
7.5
2023-12-29 CVE-2023-23428 Improper Privilege Management vulnerability in Hihonor Magic OS
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
network
low complexity
hihonor CWE-269
7.5
7.5
2023-12-29 CVE-2023-23429 Improper Privilege Management vulnerability in Hihonor Magic OS
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
network
low complexity
hihonor CWE-269
7.5
7.5
2023-12-29 CVE-2023-23430 Improper Privilege Management vulnerability in Hihonor Magichome
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
network
low complexity
hihonor CWE-269
7.5
7.5
2023-12-29 CVE-2023-23438 Improper Privilege Management vulnerability in Hihonor Lge-An00 Firmware
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions
local
low complexity
hihonor CWE-269
5.5
5.5
2023-12-23 CVE-2023-7090 Improper Privilege Management vulnerability in Sudo Project Sudo
A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo.
network
low complexity
sudo-project CWE-269
8.8
8.8
2023-12-22 CVE-2023-51386 Improper Privilege Management vulnerability in Amazon Awslabs Sandbox Accounts for Events
Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI.
local
low complexity
amazon CWE-269
3.3
3.3
2023-12-21 CVE-2023-46647 Improper Privilege Management vulnerability in Github Enterprise Server
Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.6, 3.10.3, and 3.11.0.
network
low complexity
github CWE-269
8.8
8.8
2023-12-21 CVE-2023-6804 Improper Privilege Management vulnerability in Github Enterprise Server
Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT.
local
low complexity
github CWE-269
5.5
5.5