Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-10 | CVE-2021-26936 | Improper Privilege Management vulnerability in Replaysorcery Project Replaysorcery The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when using the default setuid-root configuration, allows a local attacker to escalate privileges to root by specifying video output paths in privileged locations. | 7.2 |
| 2021-02-10 | CVE-2021-0327 | Improper Privilege Management vulnerability in Google Android In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. | 7.2 |
| 2021-01-28 | CVE-2020-35517 | Improper Privilege Management vulnerability in Qemu A flaw was found in qemu. | 8.2 |
| 2021-01-26 | CVE-2021-22159 | Improper Privilege Management vulnerability in Proofpoint Insider Threat Management Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. | 7.2 |
| 2021-01-26 | CVE-2020-28874 | Improper Privilege Management vulnerability in Projectsend reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. | 5.0 |
| 2021-01-26 | CVE-2020-25737 | Improper Privilege Management vulnerability in Hackolade An elevation of privilege vulnerability exists in Hackolade versions prior 4.2.0 on Windows has an issue in specific deployment scenarios that could allow local users to gain elevated privileges during an uninstall of the application. | 4.6 |
| 2021-01-20 | CVE-2020-6024 | Improper Privilege Management vulnerability in Checkpoint Smartconsole Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users. | 4.6 |
| 2021-01-15 | CVE-2021-0223 | Improper Privilege Management vulnerability in Juniper Junos A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary commands as root. | 7.2 |
| 2021-01-15 | CVE-2021-0204 | Improper Privilege Management vulnerability in Juniper Junos A sensitive information disclosure vulnerability in delta-export configuration utility (dexp) of Juniper Networks Junos OS may allow a locally authenticated shell user the ability to create and read database files generated by the dexp utility, including password hashes of local users. | 7.2 |
| 2021-01-14 | CVE-2021-20618 | Improper Privilege Management vulnerability in Acmailer and Acmailer DB Privilege chaining vulnerability in acmailer ver. | 10.0 |