Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2021-10-13 CVE-2021-40488 Improper Privilege Management vulnerability in Microsoft products
Storage Spaces Controller Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-269
7.8
7.8
2021-10-13 CVE-2021-40489 Improper Privilege Management vulnerability in Microsoft products
Storage Spaces Controller Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-269
7.8
7.8
2021-10-13 CVE-2021-41334 Improper Privilege Management vulnerability in Microsoft products
Windows Desktop Bridge Elevation of Privilege Vulnerability
local
high complexity
microsoft CWE-269
7.0
7.0
2021-10-13 CVE-2021-41335 Improper Privilege Management vulnerability in Microsoft products
Windows Kernel Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-269
7.8
7.8
2021-10-13 CVE-2021-41339 Improper Privilege Management vulnerability in Microsoft products
Microsoft DWM Core Library Elevation of Privilege Vulnerability
local
high complexity
microsoft CWE-269
4.7
4.7
2021-10-13 CVE-2021-41345 Improper Privilege Management vulnerability in Microsoft products
Storage Spaces Controller Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-269
7.8
7.8
2021-10-13 CVE-2021-41347 Improper Privilege Management vulnerability in Microsoft products
Windows AppX Deployment Service Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-269
7.8
7.8
2021-10-13 CVE-2021-41348 Improper Privilege Management vulnerability in Microsoft Exchange Server 2016/2019
Microsoft Exchange Server Elevation of Privilege Vulnerability
low complexity
microsoft CWE-269
8.0
8.0
2021-10-11 CVE-2021-22263 Improper Privilege Management vulnerability in Gitlab
An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2.
network
low complexity
gitlab CWE-269
6.5
6.5
2021-10-11 CVE-2021-27664 Improper Privilege Management vulnerability in Johnsoncontrols Exacqvision web Service 20.06.11.0/20.06.3.0
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
network
low complexity
johnsoncontrols CWE-269
critical
 9.8
9.8