Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-7259 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file | 7.8 |
| 2020-04-15 | CVE-2020-7257 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. | 6.3 |
| 2020-04-14 | CVE-2020-8327 | Improper Privilege Management vulnerability in Lenovo Vantage 10.2001.12.0/4.0.49.0 A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-04-14 | CVE-2020-6236 | Improper Privilege Management vulnerability in SAP Adaptive Extensions and Landscape Management SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of arbitrary files remotely. | 7.2 |
| 2020-04-14 | CVE-2020-10384 | Improper Privilege Management vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. | 7.8 |
| 2020-04-14 | CVE-2019-18822 | Improper Privilege Management vulnerability in Eleveo Call Recording 6.3.1 A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account (i.e., the account under which the program runs - by default, the callrec account) to elevate privileges to root by abusing the [email protected]. | 8.8 |
| 2020-04-12 | CVE-2020-11708 | Improper Privilege Management vulnerability in Provideserver Provide FTP Server 13.1 An issue was discovered in ProVide (formerly zFTPServer) through 13.1. | 9.8 |
| 2020-04-08 | CVE-2020-1991 | Improper Privilege Management vulnerability in Paloaltonetworks Traps An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. | 7.1 |
| 2020-04-08 | CVE-2020-1989 | Improper Privilege Management vulnerability in Paloaltonetworks Globalprotect 5.0/5.0.4/5.1 An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. | 7.8 |
| 2020-04-07 | CVE-2020-5302 | Improper Privilege Management vulnerability in Mh-Wikibot Project Mh-Wikibot MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. | 6.5 |