Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-22 | CVE-2018-16270 | Improper Privilege Management vulnerability in Samsung products Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. | 7.5 |
| 2020-01-22 | CVE-2018-16268 | Improper Privilege Management vulnerability in Linux Tizen The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. | 4.3 |
| 2020-01-22 | CVE-2018-16267 | Improper Privilege Management vulnerability in Linux Tizen The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. | 8.1 |
| 2020-01-22 | CVE-2018-16266 | Improper Privilege Management vulnerability in Linux Tizen The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. | 8.1 |
| 2020-01-22 | CVE-2018-16265 | Improper Privilege Management vulnerability in Linux Tizen The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. | 6.5 |
| 2020-01-22 | CVE-2018-16263 | Improper Privilege Management vulnerability in Linux Tizen The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. | 8.8 |
| 2020-01-22 | CVE-2018-16262 | Improper Privilege Management vulnerability in Linux Tizen The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. | 8.8 |
| 2020-01-16 | CVE-2020-7047 | Improper Privilege Management vulnerability in Webfactoryltd WP Database Reset The WordPress plugin, WP Database Reset through 3.1, contains a flaw that gave any authenticated user, with minimal permissions, the ability (with a simple wp-admin/admin.php?db-reset-tables[]=users request) to escalate their privileges to administrator while dropping all other users from the table. | 8.8 |
| 2020-01-16 | CVE-2019-10940 | Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). | 9.9 |
| 2020-01-15 | CVE-2019-15012 | Improper Privilege Management vulnerability in Atlassian Bitbucket Bitbucket Server and Bitbucket Data Center from version 4.13. | 8.8 |