Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-03 | CVE-2019-4589 | Improper Privilege Management vulnerability in IBM Cognos Analytics 11.1.0/11.0.0 IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user. | 4.0 |
| 2020-07-30 | CVE-2020-14162 | Improper Privilege Management vulnerability in Pi-Hole An issue was discovered in Pi-Hole through 5.0. | 7.2 |
| 2020-07-30 | CVE-2020-12620 | Improper Privilege Management vulnerability in Pi-Hole Pi-hole 4.4 allows a user able to write to /etc/pihole/dns-servers.conf to escalate privileges through command injection (shell metacharacters after an IP address). | 7.2 |
| 2020-07-29 | CVE-2020-14316 | Improper Privilege Management vulnerability in multiple products A flaw was found in kubevirt 0.29 and earlier. | 6.5 |
| 2020-07-29 | CVE-2019-20029 | Improper Privilege Management vulnerability in NEC products An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. | 6.5 |
| 2020-07-29 | CVE-2020-14493 | Improper Privilege Management vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands. | 6.5 |
| 2020-07-17 | CVE-2020-9669 | Improper Privilege Management vulnerability in Adobe Creative Cloud Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. | 7.5 |
| 2020-07-15 | CVE-2020-10286 | Improper Privilege Management vulnerability in Ufactory products the main user account has restricted privileges but is in the sudoers group and there is not any mechanism in place to prevent sudo su or sudo -i to be run gaining unrestricted access to sensible files, encryption, or issue orders that disrupt robot operation. | 5.8 |
| 2020-07-15 | CVE-2019-20908 | Improper Privilege Management vulnerability in multiple products An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. | 6.9 |
| 2020-07-14 | CVE-2020-1465 | Improper Privilege Management vulnerability in Microsoft Onedrive An elevation of privilege vulnerability exists in Microsoft OneDrive that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft OneDrive Elevation of Privilege Vulnerability'. | 7.2 |