Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2021-02-16 CVE-2021-20075 Improper Privilege Management vulnerability in Racom M!Dge Firmware 4.4.40.105
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd.
local
low complexity
racom CWE-269
7.8
2021-02-16 CVE-2020-35557 Improper Privilege Management vulnerability in multiple products
An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 allows a logged-in user to see devices in the account he should not have access to due to improper use of access validation.
network
low complexity
mbconnectline helmholz CWE-269
6.5
2021-02-15 CVE-2020-29031 Improper Privilege Management vulnerability in Secomea products
An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker to reset the password of any user in its domain or any sub-domain, via escalation of privileges.
network
low complexity
secomea CWE-269
8.1
2021-02-10 CVE-2021-26936 Improper Privilege Management vulnerability in Replaysorcery Project Replaysorcery
The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when using the default setuid-root configuration, allows a local attacker to escalate privileges to root by specifying video output paths in privileged locations.
local
low complexity
replaysorcery-project CWE-269
7.8
2021-02-10 CVE-2021-0327 Improper Privilege Management vulnerability in Google Android
In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities.
local
low complexity
google CWE-269
7.8
2021-01-20 CVE-2020-6024 Improper Privilege Management vulnerability in Checkpoint Smartconsole
Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users.
local
low complexity
checkpoint CWE-269
7.8
2021-01-14 CVE-2021-20618 Improper Privilege Management vulnerability in Acmailer and Acmailer DB
Privilege chaining vulnerability in acmailer ver.
network
low complexity
acmailer CWE-269
critical
9.8
2021-01-13 CVE-2021-1258 Improper Privilege Management vulnerability in multiple products
A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device.
local
low complexity
cisco mcafee CWE-269
5.5
2021-01-13 CVE-2020-9141 Improper Privilege Management vulnerability in Huawei Emui and Magic UI
There is an improper privilege management vulnerability in some Huawei smartphones.
network
low complexity
huawei CWE-269
critical
9.1
2021-01-11 CVE-2021-0306 Improper Privilege Management vulnerability in Google Android
In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNITION permission without user confirmation.
local
low complexity
google CWE-269
7.8