Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-25 | CVE-2019-13690 | Improper Privilege Management vulnerability in Google Chrome Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. | 9.6 |
| 2023-08-23 | CVE-2023-4404 | Improper Privilege Management vulnerability in Wpcharitable Charitable The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. | 9.8 |
| 2023-08-22 | CVE-2023-38734 | Improper Privilege Management vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. | 9.8 |
| 2023-08-14 | CVE-2023-21269 | Improper Privilege Management vulnerability in Google Android 13.0 In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. | 7.8 |
| 2023-08-14 | CVE-2023-3160 | Improper Privilege Management vulnerability in Eset products The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. | 7.8 |
| 2023-08-11 | CVE-2021-28411 | Improper Privilege Management vulnerability in Ruoyi 3.4.0 An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | 9.8 |
| 2023-08-10 | CVE-2023-30680 | Improper Privilege Management vulnerability in Samsung Android 12.0/13.0 Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege. | 7.8 |
| 2023-08-08 | CVE-2023-39211 | Improper Privilege Management vulnerability in Zoom Rooms and Zoom Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access. | 7.8 |
| 2023-08-08 | CVE-2023-4009 | Improper Privilege Management vulnerability in Mongodb OPS Manager Server In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an authenticated user with project owner or project user admin access to generate an API key with the privileges of org owner resulting in privilege escalation. | 7.2 |
| 2023-08-02 | CVE-2023-31432 | Improper Privilege Management vulnerability in Broadcom Brocade Fabric Operating System Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0. | 7.8 |