Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-14 | CVE-2020-8327 | Improper Privilege Management vulnerability in Lenovo Vantage 10.2001.12.0/4.0.49.0 A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-04-14 | CVE-2020-6236 | Improper Privilege Management vulnerability in SAP Adaptive Extensions and Landscape Management SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of arbitrary files remotely. | 7.2 |
| 2020-04-14 | CVE-2020-10384 | Improper Privilege Management vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. | 7.8 |
| 2020-04-14 | CVE-2019-18822 | Improper Privilege Management vulnerability in Eleveo Call Recording 6.3.1 A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account (i.e., the account under which the program runs - by default, the callrec account) to elevate privileges to root by abusing the [email protected]. | 8.8 |
| 2020-04-12 | CVE-2020-11708 | Improper Privilege Management vulnerability in Provideserver Provide FTP Server 13.1 An issue was discovered in ProVide (formerly zFTPServer) through 13.1. | 9.8 |
| 2020-04-08 | CVE-2020-1991 | Improper Privilege Management vulnerability in Paloaltonetworks Traps An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. | 7.1 |
| 2020-04-08 | CVE-2020-1989 | Improper Privilege Management vulnerability in Paloaltonetworks Globalprotect 5.0/5.0.4/5.1 An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. | 7.8 |
| 2020-04-07 | CVE-2020-5302 | Improper Privilege Management vulnerability in Mh-Wikibot Project Mh-Wikibot MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. | 6.5 |
| 2020-04-06 | CVE-2019-19699 | Improper Privilege Management vulnerability in Centreon There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. | 7.2 |
| 2020-04-03 | CVE-2018-17954 | Improper Privilege Management vulnerability in Suse Openstack Cloud and Openstack Cloud Crowbar An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. | 7.8 |