Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2021-08-10 CVE-2021-38140 Improper Privilege Management vulnerability in SET User Project SET User
The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user().
network
low complexity
set-user-project CWE-269
7.5
2021-08-04 CVE-2021-1572 Improper Privilege Management vulnerability in Cisco Confd and Network Services Orchestrator
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root.
local
low complexity
cisco CWE-269
7.8
2021-08-03 CVE-2019-14453 Improper Privilege Management vulnerability in Comelitgroup Away From Home 2.8.0
An issue was discovered in Comelit "App lejos de casa (web)" 2.8.0.
network
low complexity
comelitgroup CWE-269
critical
9.0
2021-08-03 CVE-2021-22421 Improper Privilege Management vulnerability in Huawei Harmonyos 2.0
A component of the HarmonyOS has an Improper Privilege Management vulnerability.
local
low complexity
huawei CWE-269
7.2
2021-08-02 CVE-2021-22396 Improper Privilege Management vulnerability in Huawei Ecns280 TD Firmware and Ese620X Vess Firmware
There is a privilege escalation vulnerability in some Huawei products.
local
low complexity
huawei CWE-269
4.6
2021-08-02 CVE-2021-37167 Improper Privilege Management vulnerability in Swisslog-Healthcare Hmi-3 Control Panel Firmware
An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7.
network
low complexity
swisslog-healthcare CWE-269
critical
9.8
2021-08-02 CVE-2021-33526 Improper Privilege Management vulnerability in Mbconnectline Mbdialup
In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicious OpenVPN configuration resulting in arbitrary code execution with the privileges of the service.
local
low complexity
mbconnectline CWE-269
7.2
2021-07-30 CVE-2021-34802 Improper Privilege Management vulnerability in Neo4J Graph Database 4.2/4.3
A failure in resetting the security context in some transaction actions in Neo4j Graph Database 4.2 and 4.3 could allow authenticated users to execute commands with elevated privileges.
network
low complexity
neo4j CWE-269
6.5
2021-07-26 CVE-2020-18169 Improper Privilege Management vulnerability in Techsmith Snagit 19.1.1.2860
A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges.
local
low complexity
techsmith CWE-269
7.8
2021-07-26 CVE-2020-18171 Improper Privilege Management vulnerability in Techsmith Snagit 19.1.0.2653
TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) which can allow attackers to obfuscate and embed crafted files used to escalate privileges.
local
low complexity
techsmith CWE-269
8.8