Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2020-7916 | Improper Privilege Management vulnerability in Thimpress Learnpress be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpress_be_teacher URI without any additional permission checks. | 6.5 |
| 2020-03-16 | CVE-2020-6584 | Improper Privilege Management vulnerability in Nagios 2.1.3 Nagios Log Server 2.1.3 has Incorrect Access Control. | 6.5 |
| 2020-03-15 | CVE-2020-10589 | Improper Privilege Management vulnerability in V2Rayl Project V2Rayl 2.1.3 v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo. | 7.8 |
| 2020-03-15 | CVE-2020-10588 | Improper Privilege Management vulnerability in V2Rayl Project V2Rayl 2.1.3 v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo. | 7.8 |
| 2020-03-13 | CVE-2020-10088 | Improper Privilege Management vulnerability in Gitlab GitLab 12.5 through 12.8.1 has Insecure Permissions. | 8.1 |
| 2020-03-12 | CVE-2020-0799 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-03-12 | CVE-2020-0785 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. | 7.1 |
| 2020-03-12 | CVE-2020-7254 | Improper Privilege Management vulnerability in Mcafee Advanced Threat Defense Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command. | 7.8 |
| 2020-03-10 | CVE-2020-5253 | Improper Privilege Management vulnerability in Nethack NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. | 9.8 |
| 2020-03-06 | CVE-2020-8113 | Improper Privilege Management vulnerability in Gitlab GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. | 9.8 |