Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-15 | CVE-2020-29481 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 8.8 |
| 2020-12-15 | CVE-2020-27054 | Improper Privilege Management vulnerability in Google Android 11.0 In onFactoryReset of BluetoothManagerService.java, there is a missing permission check. | 4.6 |
| 2020-12-15 | CVE-2020-27052 | Improper Privilege Management vulnerability in Google Android 11.0 In getLockTaskLaunchMode of ActivityRecord.java, there is a possible way for any app to start in Lock Task Mode due to a permissions bypass. | 4.6 |
| 2020-12-15 | CVE-2020-27030 | Improper Privilege Management vulnerability in Google Android 11.0 In onCreate of HandleApiCalls.java, there is a possible permission bypass due to a confused deputy. | 4.6 |
| 2020-12-14 | CVE-2020-0444 | Improper Privilege Management vulnerability in Google Android In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. | 7.2 |
| 2020-12-14 | CVE-2020-0099 | Improper Privilege Management vulnerability in Google Android In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. | 9.3 |
| 2020-12-14 | CVE-2020-8283 | Improper Privilege Management vulnerability in Citrix Virtual Apps and Desktops, Xenapp and Xendesktop An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9. | 9.0 |
| 2020-12-14 | CVE-2020-8258 | Improper Privilege Management vulnerability in Citrix Gateway Plug-In Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, allows an attacker to modify arbitrary files. | 5.0 |
| 2020-12-14 | CVE-2020-8257 | Improper Privilege Management vulnerability in Citrix Gateway Plug-In Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, lead to privilege escalation attacks | 7.5 |
| 2020-12-11 | CVE-2020-27133 | Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. | 9.9 |