Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-11 | CVE-2020-11552 | Improper Privilege Management vulnerability in Zohocorp Manageengine Adselfservice Plus An elevation of privilege vulnerability exists in ManageEngine ADSelfService Plus before build 6003 because it does not properly enforce user privileges associated with a Certificate dialog. | 9.8 |
| 2020-08-08 | CVE-2020-15826 | Improper Privilege Management vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have. | 4.3 |
| 2020-08-08 | CVE-2020-15824 | Improper Privilege Management vulnerability in multiple products In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. | 8.8 |
| 2020-08-04 | CVE-2020-5617 | Improper Privilege Management vulnerability in Skygroup Skysea Client View 12.200.12N/15.210.05F Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an attacker to obtain unauthorized privileges and modify/obtain sensitive information or perform unintended operations via unspecified vectors. | 7.8 |
| 2020-08-03 | CVE-2020-5773 | Improper Privilege Management vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.01 Improper Access Control in Teltonika firmware TRB2_R_00.02.04.01 allows a low privileged user to perform unauthorized write operations. | 8.8 |
| 2020-08-03 | CVE-2019-4589 | Improper Privilege Management vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user. | 4.3 |
| 2020-07-30 | CVE-2020-14162 | Improper Privilege Management vulnerability in Pi-Hole An issue was discovered in Pi-Hole through 5.0. | 7.8 |
| 2020-07-29 | CVE-2020-14493 | Improper Privilege Management vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands. | 8.8 |
| 2020-07-17 | CVE-2020-9669 | Improper Privilege Management vulnerability in Adobe Creative Cloud Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. | 9.8 |
| 2020-07-15 | CVE-2020-10286 | Improper Privilege Management vulnerability in Ufactory products the main user account has restricted privileges but is in the sudoers group and there is not any mechanism in place to prevent sudo su or sudo -i to be run gaining unrestricted access to sensible files, encryption, or issue orders that disrupt robot operation. | 8.8 |