Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-35448 | Improper Privilege Management vulnerability in Remotemouse Emote Interactive Studio 3.008 Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. | 7.8 |
| 2021-06-24 | CVE-2021-29951 | Improper Privilege Management vulnerability in Mozilla Firefox The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. | 6.5 |
| 2021-06-24 | CVE-2021-25650 | Improper Privilege Management vulnerability in Avaya Aura Utility Services 7.0/7.0.1.2/7.1.3 A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. | 8.8 |
| 2021-06-24 | CVE-2021-25651 | Improper Privilege Management vulnerability in Avaya Aura Utility Services 7.0/7.0.1.2/7.1.3 A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to escalate privileges. | 7.8 |
| 2021-06-09 | CVE-2021-0052 | Improper Privilege Management vulnerability in Intel Computing Improvement Program Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access. | 7.8 |
| 2021-06-09 | CVE-2021-33356 | Improper Privilege Management vulnerability in Raspap Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges. | 8.8 |
| 2021-06-04 | CVE-2021-27657 | Improper Privilege Management vulnerability in Johnsoncontrols Metasys 11.0 Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. | 8.8 |
| 2021-05-26 | CVE-2018-16497 | Improper Privilege Management vulnerability in Versa-Networks Versa Analytics In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. | 7.8 |
| 2021-05-24 | CVE-2020-28904 | Improper Privilege Management vulnerability in Nagios Fusion Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code. | 9.8 |
| 2021-05-24 | CVE-2021-20713 | Improper Privilege Management vulnerability in Qualitysoft QND 10.3I/10.4I Privilege escalation vulnerability in QND Advance/Premium/Standard Ver.11.0.4i and earlier allows an attacker who can log in to the PC where the product's Windows client is installed to gain administrative privileges via unspecified vectors. | 7.8 |