Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-16 | CVE-2019-7155 | Improper Privilege Management vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. | 6.5 |
| 2019-04-15 | CVE-2018-4008 | Improper Privilege Management vulnerability in Shimovpn Shimo VPN 4.1.5.1 An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. | 7.8 |
| 2019-04-11 | CVE-2019-6525 | Improper Privilege Management vulnerability in Aveva Wonderware System Platform 2014/2017 AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account for authentication of system processes and inter-node communications. | 8.8 |
| 2019-04-10 | CVE-2019-6287 | Improper Privilege Management vulnerability in Suse Rancher In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it. | 8.1 |
| 2019-04-09 | CVE-2019-0735 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-04-09 | CVE-2018-14894 | Improper Privilege Management vulnerability in Cyberark Endpoint Privilege Manager 10.2.1.603 CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications. | 7.8 |
| 2019-04-09 | CVE-2017-17544 | Improper Privilege Management vulnerability in Fortinet Fortios A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations. | 7.2 |
| 2019-04-08 | CVE-2019-10676 | Improper Privilege Management vulnerability in Uniqkey Password Manager 1.14 An issue was discovered in Uniqkey Password Manager 1.14. | 6.5 |
| 2019-04-03 | CVE-2018-4310 | Improper Privilege Management vulnerability in Apple mac OS X An access issue was addressed with additional sandbox restrictions. | 10.0 |
| 2019-03-28 | CVE-2019-1754 | Improper Privilege Management vulnerability in Cisco IOS XE A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. | 8.8 |