Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-30 | CVE-2013-2016 | Improper Privilege Management vulnerability in multiple products A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. | 7.8 |
| 2019-12-30 | CVE-2019-20074 | Improper Privilege Management vulnerability in Netis-Systems Dl4343 Firmware On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the form2saveConf.cgi page. | 8.8 |
| 2019-12-27 | CVE-2013-5027 | Improper Privilege Management vulnerability in O-Dyn Collabtive 1.0 Collabtive 1.0 has incorrect access control | 9.8 |
| 2019-12-27 | CVE-2013-4975 | Improper Privilege Management vulnerability in Hikvision Ds-2Cd7153-E Firmware 4.1.0B130111 Hikvision DS-2CD7153-E IP Camera has Privilege Escalation | 8.8 |
| 2019-12-27 | CVE-2013-4867 | Improper Privilege Management vulnerability in EA Karotz Smart Rabbit Firmware 12.07.19.00 Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking | 6.3 |
| 2019-12-27 | CVE-2019-20043 | Improper Privilege Management vulnerability in multiple products In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. | 4.3 |
| 2019-12-23 | CVE-2019-19151 | Improper Privilege Management vulnerability in F5 products On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. | 5.5 |
| 2019-12-23 | CVE-2019-6685 | Improper Privilege Management vulnerability in F5 products On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. | 7.8 |
| 2019-12-18 | CVE-2012-2312 | Improper Privilege Management vulnerability in Redhat products An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. | 7.8 |
| 2019-12-16 | CVE-2019-5259 | Improper Privilege Management vulnerability in Huawei products There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). | 6.5 |