Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2023-11-16 CVE-2023-44292 Improper Privilege Management vulnerability in Dell Repository Manager
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module.
local
low complexity
dell CWE-269
7.8
2023-11-16 CVE-2023-6119 Improper Privilege Management vulnerability in Trellix Getsusp
An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level.
local
low complexity
trellix CWE-269
7.8
2023-11-14 CVE-2023-20563 Improper Privilege Management vulnerability in AMD products
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
local
low complexity
amd CWE-269
7.8
2023-11-14 CVE-2023-20565 Improper Privilege Management vulnerability in AMD products
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
local
low complexity
amd CWE-269
7.8
2023-11-14 CVE-2023-31273 Improper Privilege Management vulnerability in Intel Data Center Manager
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
network
low complexity
intel CWE-269
critical
9.8
2023-11-09 CVE-2023-5549 Improper Privilege Management vulnerability in multiple products
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.
network
low complexity
moodle fedoraproject CWE-269
5.3
2023-11-03 CVE-2023-43018 Improper Privilege Management vulnerability in IBM Cics TX 10.1/11.1
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
network
low complexity
ibm CWE-269
7.5
2023-10-29 CVE-2023-40685 Improper Privilege Management vulnerability in IBM I
Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability.
local
low complexity
ibm CWE-269
7.8
2023-10-29 CVE-2023-40686 Improper Privilege Management vulnerability in IBM I
Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability.
local
low complexity
ibm CWE-269
7.8
2023-10-27 CVE-2022-3701 Improper Privilege Management vulnerability in Lenovo products
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and earlier that could allow a local attacker to execute arbitrary code with elevated privileges.
local
low complexity
lenovo CWE-269
7.8