Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-27 | CVE-2018-19648 | Improper Privilege Management vulnerability in Adtran Pmaa 1.6.2/1.6.3 An issue was discovered in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4. | 8.8 |
| 2019-03-26 | CVE-2019-3849 | Improper Privilege Management vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. | 8.8 |
| 2019-03-25 | CVE-2018-16838 | Improper Privilege Management vulnerability in multiple products A flaw was found in sssd Group Policy Objects implementation. | 5.4 |
| 2019-03-21 | CVE-2019-5415 | Improper Privilege Management vulnerability in Zeit Serve 6.5.3 A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to. | 7.5 |
| 2019-03-21 | CVE-2018-11767 | Improper Privilege Management vulnerability in Apache Hadoop In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms. | 7.4 |
| 2019-03-15 | CVE-2018-18252 | Improper Privilege Management vulnerability in Capmon Access Manager 5.4.1.1005 An issue was discovered in CapMon Access Manager 5.4.1.1005. | 7.8 |
| 2019-03-13 | CVE-2019-6601 | Improper Privilege Management vulnerability in F5 Big-Ip Application Acceleration Manager In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager (AAM) wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts. | 5.5 |
| 2019-03-13 | CVE-2019-3785 | Improper Privilege Management vulnerability in Cloudfoundry Capi-Release Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an endpoint with improper authorization. | 8.1 |
| 2019-03-07 | CVE-2019-9624 | Improper Privilege Management vulnerability in Webmin 1.900 Webmin 1.900 allows remote attackers to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI. | 7.8 |
| 2019-03-06 | CVE-2019-1588 | Improper Privilege Management vulnerability in Cisco Nx-Os A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected device. | 4.4 |