Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-30 | CVE-2021-28692 | Improper Privilege Management vulnerability in XEN inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPU(s) issuing such commands. | 7.1 |
| 2021-06-28 | CVE-2021-35523 | Improper Privilege Management vulnerability in Securepoint Openvpn-Client Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. | 7.8 |
| 2021-06-24 | CVE-2021-35448 | Improper Privilege Management vulnerability in Remotemouse Emote Interactive Studio 3.008 Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. | 7.8 |
| 2021-06-24 | CVE-2021-29951 | Improper Privilege Management vulnerability in Mozilla Firefox The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. | 6.5 |
| 2021-06-24 | CVE-2021-25650 | Improper Privilege Management vulnerability in Avaya Aura Utility Services 7.0/7.0.1.2/7.1.3 A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a privileged user. | 8.8 |
| 2021-06-24 | CVE-2021-25651 | Improper Privilege Management vulnerability in Avaya Aura Utility Services 7.0/7.0.1.2/7.1.3 A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to escalate privileges. | 7.8 |
| 2021-06-09 | CVE-2021-0052 | Improper Privilege Management vulnerability in Intel Computing Improvement Program Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access. | 7.8 |
| 2021-06-09 | CVE-2021-33356 | Improper Privilege Management vulnerability in Raspap Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges. | 8.8 |
| 2021-06-04 | CVE-2021-27657 | Improper Privilege Management vulnerability in Johnsoncontrols Metasys 11.0 Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. | 8.8 |
| 2021-05-26 | CVE-2018-16497 | Improper Privilege Management vulnerability in Versa-Networks Versa Analytics In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. | 7.8 |