Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-01 | CVE-2023-4697 | Improper Privilege Management vulnerability in Usememos Memos Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2. | 8.8 |
2023-08-31 | CVE-2023-31175 | Improper Privilege Management vulnerability in Selinc Sel-5037 SEL Grid Configurator An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | 9.8 |
2023-08-31 | CVE-2023-41743 | Improper Privilege Management vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office Local privilege escalation due to insecure driver communication port permissions. | 7.8 |
2023-08-31 | CVE-2022-45451 | Improper Privilege Management vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office Local privilege escalation due to insecure driver communication port permissions. | 7.8 |
2023-08-30 | CVE-2023-20266 | Improper Privilege Management vulnerability in Cisco products A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. | 7.2 |
2023-08-29 | CVE-2023-32457 | Improper Privilege Management vulnerability in Dell Powerscale Onefs 9.5.0.0 Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. | 8.8 |
2023-08-25 | CVE-2019-13690 | Improper Privilege Management vulnerability in Google Chrome Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. | 9.6 |
2023-08-23 | CVE-2023-4404 | Improper Privilege Management vulnerability in Wpcharitable Charitable The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. | 9.8 |
2023-08-22 | CVE-2023-38734 | Improper Privilege Management vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. | 9.8 |
2023-08-14 | CVE-2023-21269 | Improper Privilege Management vulnerability in Google Android 13.0 In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. | 7.8 |