Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-22 | CVE-2018-16263 | Improper Privilege Management vulnerability in Linux Tizen The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. | 8.8 |
| 2020-01-22 | CVE-2018-16262 | Improper Privilege Management vulnerability in Linux Tizen The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. | 8.8 |
| 2020-01-16 | CVE-2020-7047 | Improper Privilege Management vulnerability in Webfactoryltd WP Database Reset The WordPress plugin, WP Database Reset through 3.1, contains a flaw that gave any authenticated user, with minimal permissions, the ability (with a simple wp-admin/admin.php?db-reset-tables[]=users request) to escalate their privileges to administrator while dropping all other users from the table. | 8.8 |
| 2020-01-16 | CVE-2019-10940 | Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). | 9.9 |
| 2020-01-15 | CVE-2019-15012 | Improper Privilege Management vulnerability in Atlassian Bitbucket Bitbucket Server and Bitbucket Data Center from version 4.13. | 8.8 |
| 2020-01-15 | CVE-2015-5072 | Improper Privilege Management vulnerability in BMC Remedy AR System Server 8.0/9.0 The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the __imageid parameter. | 6.5 |
| 2020-01-15 | CVE-2015-5071 | Improper Privilege Management vulnerability in BMC Remedy AR System Server 8.0/9.0 AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the __report parameter of the BIRT viewer servlet. | 6.5 |
| 2020-01-15 | CVE-2014-6448 | Improper Privilege Management vulnerability in Juniper Junos Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access. | 7.8 |
| 2020-01-15 | CVE-2015-5466 | Improper Privilege Management vulnerability in SIS XGI VGA Display Manager 6.14.10.1090 Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA Driver Manager and VGA Display Manager) 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call. | 7.8 |
| 2020-01-15 | CVE-2015-7556 | Improper Privilege Management vulnerability in Delegate 9.9.13 DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program. | 7.8 |