Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-01 | CVE-2015-9267 | Improper Privilege Management vulnerability in multiple products Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. | 5.5 |
2018-09-26 | CVE-2018-1550 | Improper Privilege Management vulnerability in IBM products IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. | 5.5 |
2018-09-18 | CVE-2018-11786 | Improper Privilege Management vulnerability in Apache Karaf In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/write any file on the file system to which the Karaf process user has access. | 8.8 |
2018-09-11 | CVE-2018-10853 | Improper Privilege Management vulnerability in multiple products A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. | 7.8 |
2018-08-30 | CVE-2018-10514 | Improper Privilege Management vulnerability in Trendmicro products A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.8 |
2018-08-29 | CVE-2018-15912 | Improper Privilege Management vulnerability in Manjaro Linux An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. | 7.8 |
2018-08-23 | CVE-2018-14791 | Improper Privilege Management vulnerability in Emerson Deltav Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products. | 7.8 |
2018-08-22 | CVE-2018-14787 | Improper Privilege Management vulnerability in Philips Intellispace Cardiovascular and Xcelera In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticated users have write permissions, and could then execute arbitrary code with local administrative permissions. | 7.8 |
2018-08-20 | CVE-2018-1000648 | Improper Privilege Management vulnerability in Librehealth EHR 2.0.0 LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. | 8.8 |
2018-08-20 | CVE-2018-1000634 | Improper Privilege Management vulnerability in Openmicroscopy Omero The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Improper Access Control vulnerability in User management that can result in administrative user with privilege restrictions logging in as a more powerful administrator. | 7.2 |