Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-04 | CVE-2015-3613 | Improper Privilege Management vulnerability in Fortinet Fortimanager A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page | 9.8 |
| 2020-02-03 | CVE-2020-5182 | Improper Privilege Management vulnerability in Cmsjunkie J-Businessdirectory The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. | 6.5 |
| 2020-01-30 | CVE-2015-0949 | Improper Privilege Management vulnerability in multiple products The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. | 7.8 |
| 2020-01-30 | CVE-2020-8092 | Improper Privilege Management vulnerability in Bitdefender Antivirus A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. | 5.5 |
| 2020-01-30 | CVE-2020-7908 | Improper Privilege Management vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | 4.3 |
| 2020-01-28 | CVE-2013-4583 | Improper Privilege Management vulnerability in Gitlab and Gitlab-Shell The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. | 8.8 |
| 2020-01-28 | CVE-2019-5472 | Improper Privilege Management vulnerability in Gitlab An authorization issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 that prevented owners and maintainer to delete epic comments. | 7.5 |
| 2020-01-28 | CVE-2019-5468 | Improper Privilege Management vulnerability in Gitlab An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account. | 8.8 |
| 2020-01-26 | CVE-2020-3115 | Improper Privilege Management vulnerability in Cisco Sd-Wan Firmware 18.4.1/19.1.0 A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. | 8.8 |
| 2020-01-24 | CVE-2019-1454 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. | 5.5 |