Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-33356 | Improper Privilege Management vulnerability in Raspap Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges. | 8.8 |
| 2021-06-08 | CVE-2021-31954 | Improper Privilege Management vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
| 2021-06-08 | CVE-2021-31969 | Improper Privilege Management vulnerability in Microsoft products Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
| 2021-06-04 | CVE-2021-27657 | Improper Privilege Management vulnerability in Johnsoncontrols Metasys 11.0 Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. | 8.8 |
| 2021-05-28 | CVE-2013-4536 | Improper Privilege Management vulnerability in Qemu An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | 7.8 |
| 2021-05-26 | CVE-2021-22732 | Improper Privilege Management vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server. | 7.8 |
| 2021-05-26 | CVE-2018-16497 | Improper Privilege Management vulnerability in Versa-Networks Versa Analytics In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. | 7.8 |
| 2021-05-24 | CVE-2020-28904 | Improper Privilege Management vulnerability in Nagios Fusion Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code. | 9.8 |
| 2021-05-24 | CVE-2021-20713 | Improper Privilege Management vulnerability in Qualitysoft QND 10.3I/10.4I Privilege escalation vulnerability in QND Advance/Premium/Standard Ver.11.0.4i and earlier allows an attacker who can log in to the PC where the product's Windows client is installed to gain administrative privileges via unspecified vectors. | 7.8 |
| 2021-05-17 | CVE-2021-24289 | Improper Privilege Management vulnerability in De-Baat Store Locator Plus There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin. | 8.8 |