Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-21 | CVE-2021-31523 | Improper Privilege Management vulnerability in Xscreensaver Project Xscreensaver 5.42+Dfsg11 The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of the Mesa 3D Graphics library dependency. | 7.2 |
| 2021-04-19 | CVE-2021-20208 | Improper Privilege Management vulnerability in multiple products A flaw was found in cifs-utils in versions before 6.13. | 6.1 |
| 2021-04-15 | CVE-2021-30479 | Improper Privilege Management vulnerability in Zulip Server An issue was discovered in Zulip Server before 3.4. | 5.0 |
| 2021-04-15 | CVE-2021-30478 | Improper Privilege Management vulnerability in Zulip Server An issue was discovered in Zulip Server before 3.4. | 4.0 |
| 2021-04-13 | CVE-2021-28322 | Improper Privilege Management vulnerability in Microsoft products Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | 7.8 |
| 2021-04-13 | CVE-2021-28313 | Improper Privilege Management vulnerability in Microsoft products Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | 7.8 |
| 2021-04-13 | CVE-2021-0446 | Improper Privilege Management vulnerability in Google Android 11.0 In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. | 4.4 |
| 2021-04-13 | CVE-2021-0438 | Improper Privilege Management vulnerability in Google Android 10.0/8.1/9.0 In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. | 4.4 |
| 2021-04-13 | CVE-2021-0433 | Improper Privilege Management vulnerability in Google Android In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. | 5.4 |
| 2021-04-13 | CVE-2021-25253 | Improper Privilege Management vulnerability in Trendmicro Apex ONE and Officescan An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. | 7.2 |