Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-15 | CVE-2018-0821 | Improper Privilege Management vulnerability in Microsoft Windows 10 and Windows Server 2016 AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way constrained impersonations are handled, aka "Windows AppContainer Elevation Of Privilege Vulnerability". | 7.0 |
| 2018-02-09 | CVE-2018-1000028 | Improper Privilege Management vulnerability in Linux Kernel Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. | 7.4 |
| 2018-02-09 | CVE-2017-10690 | Improper Privilege Management vulnerability in multiple products In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. | 6.5 |
| 2018-02-09 | CVE-2017-10689 | Improper Privilege Management vulnerability in multiple products In previous versions of Puppet Agent it was possible to install a module with world writable permissions. | 5.5 |
| 2018-02-09 | CVE-2018-1368 | Improper Privilege Management vulnerability in IBM Security Guardium Database Activity Monitor 9.0/9.1/9.5 IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so there is risk that someone not authorized can change things that they are not suppose to. | 4.4 |
| 2018-02-05 | CVE-2017-15536 | Improper Privilege Management vulnerability in Cloudera Data Science Workbench An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. | 8.8 |
| 2018-01-16 | CVE-2018-5706 | Improper Privilege Management vulnerability in Octopus Deploy An issue was discovered in Octopus Deploy before 4.1.9. | 8.8 |
| 2018-01-10 | CVE-2018-0010 | Improper Privilege Management vulnerability in Juniper Junos Space A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. | 6.5 |
| 2018-01-09 | CVE-2017-1493 | Improper Privilege Management vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access controls. | 5.4 |
| 2018-01-04 | CVE-2018-0751 | Improper Privilege Management vulnerability in Microsoft products The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". | 7.1 |