Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-09 | CVE-2020-7324 | Improper Privilege Management vulnerability in Mcafee Mvision Endpoint 18.11.31.62/20.5.0.94/20.7 Improper Access Control vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to bypass security mechanisms and deny access to the SYSTEM folder via incorrectly applied permissions. | 6.1 |
| 2020-09-03 | CVE-2020-4638 | Improper Privilege Management vulnerability in IBM API Connect IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is vulnerable to privilege escalation. | 6.5 |
| 2020-09-03 | CVE-2020-24949 | Improper Privilege Management vulnerability in PHP-Fusion 9.03.50 Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution (RCE). | 9.0 |
| 2020-09-01 | CVE-2020-24955 | Improper Privilege Management vulnerability in Superantispyware Professional X SUPERAntiSyware Professional X Trial 10.0.1206 is vulnerable to local privilege escalation because it allows unprivileged users to restore a malicious DLL from quarantine into the system32 folder via an NTFS directory junction, as demonstrated by a crafted ualapi.dll file that is detected as malware. | 7.2 |
| 2020-08-31 | CVE-2020-25062 | Improper Privilege Management vulnerability in Google Android 10.0/9.0 An issue was discovered on LG mobile devices with Android OS 9 and 10 software. | 7.5 |
| 2020-08-31 | CVE-2020-25060 | Improper Privilege Management vulnerability in Google Android An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. | 4.6 |
| 2020-08-31 | CVE-2020-7523 | Improper Privilege Management vulnerability in Schneider-Electric Modbus Driver Suite and Modbus Serial Driver Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked. | 4.4 |
| 2020-08-27 | CVE-2020-4603 | Improper Privilege Management vulnerability in IBM Security Guardium Insights 2.0.1 IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 6.5 |
| 2020-08-21 | CVE-2020-8624 | Improper Privilege Management vulnerability in multiple products In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. | 4.3 |
| 2020-08-21 | CVE-2020-14201 | Improper Privilege Management vulnerability in Dolibarr Dolibarr CRM before 11.0.5 allows privilege escalation. | 4.0 |