Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-20 | CVE-2018-10079 | Improper Privilege Management vulnerability in Vertiv Watchdog Console 3.2.2 Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating (1) config.xml or (2) servers.xml. | 7.8 |
| 2018-04-17 | CVE-2018-10190 | Improper Privilege Management vulnerability in Londontrustmedia Private Internet Access 77 A vulnerability in London Trust Media Private Internet Access (PIA) VPN Client v77 for Windows could allow an unauthenticated, local attacker to run executable files with elevated privileges. | 7.8 |
| 2018-04-16 | CVE-2018-10172 | Improper Privilege Management vulnerability in 7-Zip 7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context of a sandboxed process. | 8.8 |
| 2018-04-13 | CVE-2018-4173 | Improper Privilege Management vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 5.5 |
| 2018-04-13 | CVE-2017-0358 | Improper Privilege Management vulnerability in multiple products Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. | 7.8 |
| 2018-04-03 | CVE-2017-5703 | Improper Privilege Management vulnerability in Intel products Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service. | 6.0 |
| 2018-03-23 | CVE-2018-1000141 | Improper Privilege Management vulnerability in I-Librarian I Librarian I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in ajaxdiscussion.php that can result in any users gaining unauthorized access (read, write and delete) to project discussions. | 9.1 |
| 2018-03-22 | CVE-2017-0935 | Improper Privilege Management vulnerability in UI Edgeos 1.9.1/1.9.1.1 Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. | 8.8 |
| 2018-03-22 | CVE-2017-0934 | Improper Privilege Management vulnerability in Ubnt Edgeos Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. | 8.8 |
| 2018-03-22 | CVE-2017-0932 | Improper Privilege Management vulnerability in Ubnt Edgeos Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of validation on the input of the Feature functionality. | 8.8 |