Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-10 | CVE-2020-12757 | Improper Privilege Management vulnerability in Hashicorp Vault 1.4.0/1.4.1/1.4.2 HashiCorp Vault and Vault Enterprise 1.4.0 and 1.4.1, when configured with the GCP Secrets Engine, may incorrectly generate GCP Credentials with the default time-to-live lease duration instead of the engine-configured setting. | 7.5 |
| 2020-06-10 | CVE-2020-0115 | Improper Privilege Management vulnerability in Google Android In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. | 7.2 |
| 2020-06-10 | CVE-2020-0114 | Improper Privilege Management vulnerability in Google Android 10.0 In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. | 7.2 |
| 2020-06-10 | CVE-2020-7280 | Improper Privilege Management vulnerability in Mcafee Virusscan Enterprise 8.8 Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. | 7.8 |
| 2020-06-10 | CVE-2019-3588 | Improper Privilege Management vulnerability in Mcafee Virusscan Enterprise 8.8 Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked. | 6.8 |
| 2020-06-10 | CVE-2019-3585 | Improper Privilege Management vulnerability in Mcafee Virusscan Enterprise 8.8 Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges. | 7.8 |
| 2020-06-10 | CVE-2019-3617 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files. | 8.2 |
| 2020-06-09 | CVE-2020-8320 | Improper Privilege Management vulnerability in Lenovo products An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. | 4.6 |
| 2020-06-09 | CVE-2020-1334 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. | 4.6 |
| 2020-06-09 | CVE-2020-1324 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Elevation of Privilege Vulnerability'. | 4.6 |