Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-04 | CVE-2023-5402 | Improper Privilege Management vulnerability in Schneider-Electric C-Bus Toolkit A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network. | 9.8 |
| 2023-10-04 | CVE-2023-20235 | Improper Privilege Management vulnerability in Cisco IOS XE A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docker containers with the privileged runtime option are not blocked when they are in application development mode. | 8.8 |
| 2023-09-28 | CVE-2023-43663 | Improper Privilege Management vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 4.3 |
| 2023-09-28 | CVE-2023-43664 | Improper Privilege Management vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 4.3 |
| 2023-09-28 | CVE-2023-40375 | Improper Privilege Management vulnerability in IBM I Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. | 7.8 |
| 2023-09-27 | CVE-2023-34043 | Improper Privilege Management vulnerability in VMWare Aria Operations and Cloud Foundation VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. | 6.7 |
| 2023-09-27 | CVE-2023-39375 | Improper Privilege Management vulnerability in Siberiancms SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges | 9.8 |
| 2023-09-15 | CVE-2023-4662 | Improper Privilege Management vulnerability in Saphira Connect Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code Inclusion.This issue affects Saphira Connect: before 9. | 9.8 |
| 2023-09-15 | CVE-2023-36657 | Improper Privilege Management vulnerability in Opswat Metadefender Kiosk An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. | 9.8 |
| 2023-09-07 | CVE-2023-20193 | Improper Privilege Management vulnerability in Cisco Identity Services Engine A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. | 6.7 |