Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-02 | CVE-2020-27708 | Improper Privilege Management vulnerability in EA Origin A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. | 7.2 |
| 2020-10-29 | CVE-2020-27655 | Improper Privilege Management vulnerability in Synology Router Manager Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic. | 10.0 |
| 2020-10-29 | CVE-2020-27654 | Improper Privilege Management vulnerability in Synology Router Manager Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp. | 9.8 |
| 2020-10-27 | CVE-2019-8848 | Improper Privilege Management vulnerability in Apple products This issue was addressed with improved checks. | 6.8 |
| 2020-10-27 | CVE-2019-8841 | Improper Privilege Management vulnerability in Apple Ipados and Iphone OS An information disclosure issue was addressed by removing the vulnerable code. | 7.2 |
| 2020-10-26 | CVE-2020-7125 | Improper Privilege Management vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 6.5 |
| 2020-10-23 | CVE-2020-24848 | Improper Privilege Management vulnerability in Fruitywifi Project Fruitywifi FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. | 7.2 |
| 2020-10-23 | CVE-2020-9331 | Improper Privilege Management vulnerability in Cryptopro CSP CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation (by local users with the SeChangeNotifyPrivilege right) because user-mode input is mishandled during process creation. | 4.6 |
| 2020-10-22 | CVE-2020-7020 | Improper Privilege Management vulnerability in Elastic Elasticsearch Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. | 3.5 |
| 2020-10-19 | CVE-2020-9112 | Improper Privilege Management vulnerability in Huawei Taurus-An00B Firmware 10.1.0.156 Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a privilege elevation vulnerability. | 4.6 |