Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-21 | CVE-2020-14215 | Improper Privilege Management vulnerability in Zulip Server Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as adds the administrator role to invitations. | 7.5 |
2020-08-21 | CVE-2020-14194 | Improper Privilege Management vulnerability in Zulip Server Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link. | 5.4 |
2020-08-20 | CVE-2020-15862 | Improper Privilege Management vulnerability in multiple products Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. | 7.8 |
2020-08-18 | CVE-2020-7019 | Improper Privilege Management vulnerability in Elastic Elasticsearch In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. | 6.5 |
2020-08-18 | CVE-2020-7018 | Improper Privilege Management vulnerability in Elastic Enterprise Search Elastic Enterprise Search before 7.9.0 contain a credential exposure flaw in the App Search interface. | 8.8 |
2020-08-17 | CVE-2020-1488 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges. | 7.0 |
2020-08-14 | CVE-2015-8032 | Improper Privilege Management vulnerability in Textpattern 4.5.7 In Textpattern 4.5.7, an unprivileged author can change an article's markup setting. | 5.3 |
2020-08-13 | CVE-2020-24331 | Improper Privilege Management vulnerability in multiple products An issue was discovered in TrouSerS through 0.3.14. | 7.8 |
2020-08-13 | CVE-2020-24330 | Improper Privilege Management vulnerability in multiple products An issue was discovered in TrouSerS through 0.3.14. | 7.8 |
2020-08-13 | CVE-2020-7305 | Improper Privilege Management vulnerability in Mcafee Data Loss Prevention Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user credentials. | 6.5 |