Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-17 | CVE-2020-0394 | Improper Privilege Management vulnerability in Google Android In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. | 7.2 |
| 2020-09-17 | CVE-2020-0391 | Improper Privilege Management vulnerability in Google Android 10.0/9.0 In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. | 7.2 |
| 2020-09-17 | CVE-2020-0386 | Improper Privilege Management vulnerability in Google Android In onCreate of RequestPermissionActivity.java, there is a possible tapjacking vector due to an insecure default value. | 4.3 |
| 2020-09-17 | CVE-2020-0074 | Improper Privilege Management vulnerability in Google Android In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. | 7.2 |
| 2020-09-16 | CVE-2020-3980 | Improper Privilege Management vulnerability in VMWare Fusion VMware Fusion (11.x) contains a privilege escalation vulnerability due to the way it allows configuring the system wide path. | 3.7 |
| 2020-09-11 | CVE-2020-16875 | Improper Privilege Management vulnerability in Microsoft Exchange Server 2016/2019 <p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. | 8.4 |
| 2020-09-11 | CVE-2020-14100 | Improper Privilege Management vulnerability in MI R3600 Firmware In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. | 10.0 |
| 2020-09-10 | CVE-2020-9733 | Improper Privilege Management vulnerability in Adobe Experience Manager An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. | 5.0 |
| 2020-09-10 | CVE-2020-7311 | Improper Privilege Management vulnerability in Mcafee Agent 5.0.0 Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files. | 7.0 |
| 2020-09-09 | CVE-2020-15903 | Improper Privilege Management vulnerability in Nagios XI An issue was found in Nagios XI before 5.7.3. | 10.0 |