Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-12 | CVE-2020-0799 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-03-12 | CVE-2020-0785 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. | 7.1 |
| 2020-03-12 | CVE-2020-7254 | Improper Privilege Management vulnerability in Mcafee Advanced Threat Defense Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command. | 7.8 |
| 2020-03-10 | CVE-2020-5253 | Improper Privilege Management vulnerability in Nethack NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. | 9.8 |
| 2020-03-06 | CVE-2020-8113 | Improper Privilege Management vulnerability in Gitlab GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. | 9.8 |
| 2020-03-05 | CVE-2020-6971 | Improper Privilege Management vulnerability in Emerson Valvelink 12.0.264/13.4.118 In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the ValveLink software may allow a local, unprivileged, trusted insider to escalate privileges due to insecure configuration parameters. | 7.8 |
| 2020-03-02 | CVE-2019-12183 | Improper Privilege Management vulnerability in Safescan products Incorrect Access Control in Safescan Timemoto TM-616 and TA-8000 series allows remote attackers to read any file via the administrative API. | 7.5 |
| 2020-02-20 | CVE-2020-6968 | Improper Privilege Management vulnerability in Honeywell Inncom Inncontrol Firmware 3.0/3.21 Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files. | 7.8 |
| 2020-02-19 | CVE-2020-3112 | Improper Privilege Management vulnerability in Cisco Data Center Network Manager A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to elevate privileges on the application. | 8.8 |
| 2020-02-18 | CVE-2013-6295 | Improper Privilege Management vulnerability in Prestashop 1.5.5.0 PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module | 9.8 |