Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-16 | CVE-2023-6119 | Improper Privilege Management vulnerability in Trellix Getsusp An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. | 7.8 |
2023-11-14 | CVE-2023-20563 | Improper Privilege Management vulnerability in AMD products Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-20565 | Improper Privilege Management vulnerability in AMD products Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-31273 | Improper Privilege Management vulnerability in Intel Data Center Manager Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 9.8 |
2023-11-14 | CVE-2023-47629 | Improper Privilege Management vulnerability in Datahub Project Datahub DataHub is an open-source metadata platform. | 8.0 |
2023-11-13 | CVE-2023-6099 | Improper Privilege Management vulnerability in Szjocat Facial Love Cloud Platform 1.0.55.0.0.1 A vulnerability classified as critical has been found in Shenzhen Youkate Industrial Facial Love Cloud Payment System up to 1.0.55.0.0.1. | 9.8 |
2023-11-09 | CVE-2023-5549 | Improper Privilege Management vulnerability in multiple products Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage. | 5.3 |
2023-11-07 | CVE-2023-35140 | Improper Privilege Management vulnerability in Zyxel products The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70(ABTO.5) could allow an authenticated local user with read-only access to modify system settings on a vulnerable device. | 5.5 |
2023-11-07 | CVE-2023-41036 | Improper Privilege Management vulnerability in Macvim Macvim is a text editor for MacOS. | 7.8 |
2023-11-03 | CVE-2023-43018 | Improper Privilege Management vulnerability in IBM Cics TX 10.1/11.1 IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.5 |