Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-23 | CVE-2020-8873 | Improper Privilege Management vulnerability in Parallels Desktop This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. | 6.7 |
| 2020-03-23 | CVE-2020-10793 | Improper Privilege Management vulnerability in Codeigniter CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. | 8.8 |
| 2020-03-20 | CVE-2019-16071 | Improper Privilege Management vulnerability in Netsas Enigma NMS 65.0.0 Enigma NMS 65.0.0 and prior allows administrative users to create low-privileged accounts that do not have the ability to modify any settings in the system, only view the components. | 8.8 |
| 2020-03-19 | CVE-2020-3265 | Improper Privilege Management vulnerability in Cisco Sd-Wan Firmware A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. | 7.8 |
| 2020-03-17 | CVE-2020-3950 | Improper Privilege Management vulnerability in VMWare Fusion, Horizon Client and Remote Console VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. | 7.8 |
| 2020-03-16 | CVE-2020-7916 | Improper Privilege Management vulnerability in Thimpress Learnpress be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpress_be_teacher URI without any additional permission checks. | 6.5 |
| 2020-03-16 | CVE-2020-6584 | Improper Privilege Management vulnerability in Nagios 2.1.3 Nagios Log Server 2.1.3 has Incorrect Access Control. | 6.5 |
| 2020-03-15 | CVE-2020-10589 | Improper Privilege Management vulnerability in V2Rayl Project V2Rayl 2.1.3 v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo. | 7.8 |
| 2020-03-15 | CVE-2020-10588 | Improper Privilege Management vulnerability in V2Rayl Project V2Rayl 2.1.3 v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo. | 7.8 |
| 2020-03-13 | CVE-2020-10088 | Improper Privilege Management vulnerability in Gitlab GitLab 12.5 through 12.8.1 has Insecure Permissions. | 8.1 |