Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-1431 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-07-14 | CVE-2020-1416 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'. | 8.8 |
| 2020-07-14 | CVE-2020-1412 | Improper Privilege Management vulnerability in Microsoft products A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. | 8.8 |
| 2020-07-14 | CVE-2020-7578 | Improper Privilege Management vulnerability in Siemens Opcenter Execution Core A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). | 8.1 |
| 2020-07-14 | CVE-2020-11956 | Improper Privilege Management vulnerability in Rittal products An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. | 9.8 |
| 2020-07-06 | CVE-2020-6013 | Improper Privilege Management vulnerability in Checkpoint Zonealarm Extreme Security ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems. | 8.8 |
| 2020-07-03 | CVE-2020-7283 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. | 8.8 |
| 2020-07-03 | CVE-2020-7281 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. | 6.3 |
| 2020-07-02 | CVE-2020-8179 | Improper Privilege Management vulnerability in Nextcloud Deck Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks. | 4.1 |
| 2020-06-23 | CVE-2020-14976 | Improper Privilege Management vulnerability in Gns3 Ubridge GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context. | 5.5 |