Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-13 | CVE-2019-3785 | Improper Privilege Management vulnerability in Cloudfoundry Capi-Release Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an endpoint with improper authorization. | 8.1 |
| 2019-03-07 | CVE-2019-9624 | Improper Privilege Management vulnerability in Webmin 1.900 Webmin 1.900 allows remote attackers to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI. | 7.8 |
| 2019-03-06 | CVE-2019-1588 | Improper Privilege Management vulnerability in Cisco Nx-Os A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected device. | 4.4 |
| 2019-03-05 | CVE-2018-19725 | Improper Privilege Management vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. | 9.8 |
| 2019-02-25 | CVE-2018-5839 | Improper Privilege Management vulnerability in Qualcomm products Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS605, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SXR1130. | 7.1 |
| 2019-02-20 | CVE-2019-3475 | Improper Privilege Management vulnerability in Microfocus Filr 3.0 A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. | 7.8 |
| 2019-02-19 | CVE-2019-5768 | Improper Privilege Management vulnerability in multiple products DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension. | 6.5 |
| 2019-01-15 | CVE-2017-6924 | Improper Privilege Management vulnerability in Drupal In Drupal 8 prior to 8.3.7; When using the REST API, users without the correct permission can post comments via REST that are approved even if the user does not have permission to post approved comments. | 7.4 |
| 2019-01-14 | CVE-2018-16888 | Improper Privilege Management vulnerability in multiple products It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. | 4.7 |
| 2019-01-09 | CVE-2018-0671 | Improper Privilege Management vulnerability in MNC Inplc-Rt 3.08 Privilege escalation vulnerability in INplc-RT 3.08 and earlier allows an attacker with administrator rights to execute arbitrary code on the Windows system via unspecified vectors. | 6.7 |