Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2021-27657 | Improper Privilege Management vulnerability in Johnsoncontrols Metasys 11.0 Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. | 8.8 |
| 2021-05-26 | CVE-2018-16497 | Improper Privilege Management vulnerability in Versa-Networks Versa Analytics In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. | 7.8 |
| 2021-05-24 | CVE-2020-28904 | Improper Privilege Management vulnerability in Nagios Fusion Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code. | 9.8 |
| 2021-05-24 | CVE-2021-20713 | Improper Privilege Management vulnerability in Qualitysoft QND 10.3I/10.4I Privilege escalation vulnerability in QND Advance/Premium/Standard Ver.11.0.4i and earlier allows an attacker who can log in to the PC where the product's Windows client is installed to gain administrative privileges via unspecified vectors. | 7.8 |
| 2021-05-12 | CVE-2021-23891 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense. | 7.8 |
| 2021-05-06 | CVE-2020-23128 | Improper Privilege Management vulnerability in Chamilo LMS 1.11.10 Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege. | 4.9 |
| 2021-05-06 | CVE-2020-28008 | Improper Privilege Management vulnerability in Exim Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. | 7.8 |
| 2021-05-06 | CVE-2020-28014 | Improper Privilege Management vulnerability in Exim Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. | 6.1 |
| 2021-05-04 | CVE-2020-27518 | Improper Privilege Management vulnerability in Windscribe All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. | 7.8 |
| 2021-04-30 | CVE-2020-27519 | Improper Privilege Management vulnerability in Pritunl Pritunl-Client-Electron 1.2.2550.20 Pritunl Client v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. | 7.8 |