Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-30 | CVE-2020-8092 | Improper Privilege Management vulnerability in Bitdefender Antivirus A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. | 5.5 |
| 2020-01-30 | CVE-2020-7908 | Improper Privilege Management vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | 4.3 |
| 2020-01-28 | CVE-2013-4583 | Improper Privilege Management vulnerability in Gitlab and Gitlab-Shell The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. | 8.8 |
| 2020-01-28 | CVE-2019-5472 | Improper Privilege Management vulnerability in Gitlab An authorization issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 that prevented owners and maintainer to delete epic comments. | 7.5 |
| 2020-01-28 | CVE-2019-5468 | Improper Privilege Management vulnerability in Gitlab An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account. | 8.8 |
| 2020-01-26 | CVE-2020-3115 | Improper Privilege Management vulnerability in Cisco Sd-Wan Firmware 18.4.1/19.1.0 A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. | 8.8 |
| 2020-01-24 | CVE-2019-1454 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. | 5.5 |
| 2020-01-24 | CVE-2018-8654 | Improper Privilege Management vulnerability in Microsoft Dynamics 365 8.0 An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privilege Vulnerability'. | 6.5 |
| 2020-01-24 | CVE-2012-6302 | Improper Privilege Management vulnerability in Soapbox Project Soapbox 0.3.1 Soapbox through 0.3.1: Sandbox bypass - runs a second instance of Soapbox within a sandboxed Soapbox. | 7.8 |
| 2020-01-23 | CVE-2012-4606 | Improper Privilege Management vulnerability in Citrix Xenserver Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges. | 7.8 |