Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-13 | CVE-2023-6099 | Improper Privilege Management vulnerability in Szjocat Facial Love Cloud Platform 1.0.55.0.0.1 A vulnerability classified as critical has been found in Shenzhen Youkate Industrial Facial Love Cloud Payment System up to 1.0.55.0.0.1. | 9.8 |
| 2023-11-09 | CVE-2023-5549 | Improper Privilege Management vulnerability in multiple products Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage. | 5.3 |
| 2023-11-07 | CVE-2023-35140 | Improper Privilege Management vulnerability in Zyxel products The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70(ABTO.5) could allow an authenticated local user with read-only access to modify system settings on a vulnerable device. | 5.5 |
| 2023-11-07 | CVE-2023-41036 | Improper Privilege Management vulnerability in Macvim Macvim is a text editor for MacOS. | 7.8 |
| 2023-11-03 | CVE-2023-43018 | Improper Privilege Management vulnerability in IBM Cics TX 10.1/11.1 IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.5 |
| 2023-10-29 | CVE-2023-40685 | Improper Privilege Management vulnerability in IBM I Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. | 7.8 |
| 2023-10-29 | CVE-2023-40686 | Improper Privilege Management vulnerability in IBM I Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. | 7.8 |
| 2023-10-27 | CVE-2022-3701 | Improper Privilege Management vulnerability in Lenovo products A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and earlier that could allow a local attacker to execute arbitrary code with elevated privileges. | 7.8 |
| 2023-10-27 | CVE-2023-44219 | Improper Privilege Management vulnerability in Sonicwall Directory Services Connector A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature. | 7.8 |
| 2023-10-27 | CVE-2023-34057 | Improper Privilege Management vulnerability in VMWare Tools VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine. | 7.8 |