Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-23 | CVE-2019-6685 | Improper Privilege Management vulnerability in F5 products On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. | 7.8 |
| 2019-12-18 | CVE-2012-2312 | Improper Privilege Management vulnerability in Redhat products An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. | 7.8 |
| 2019-12-16 | CVE-2019-5259 | Improper Privilege Management vulnerability in Huawei products There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). | 6.5 |
| 2019-12-16 | CVE-2019-19783 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. | 6.5 |
| 2019-12-13 | CVE-2019-5250 | Improper Privilege Management vulnerability in Huawei Mate 20 PRO Firmware Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. | 7.8 |
| 2019-12-13 | CVE-2019-16777 | Improper Privilege Management vulnerability in multiple products Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. | 6.5 |
| 2019-12-12 | CVE-2019-19726 | Improper Privilege Management vulnerability in Openbsd OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. | 7.8 |
| 2019-12-10 | CVE-2019-13738 | Improper Privilege Management vulnerability in multiple products Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page. | 6.5 |
| 2019-12-10 | CVE-2013-0293 | Improper Privilege Management vulnerability in Ovirt Node 2.6.01 oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation | 7.8 |
| 2019-12-06 | CVE-2019-2225 | Improper Privilege Management vulnerability in Google Android When pairing with a Bluetooth device, it may be possible to pair a malicious device without any confirmation from the user, and that device may be able to interact with the phone. | 8.8 |