Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2019-7319 | Improper Privilege Management vulnerability in Cloudera CDH 6.0.0/6.0.1/6.1.0 An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. | 8.3 |
| 2019-11-26 | CVE-2017-7399 | Improper Privilege Management vulnerability in Cloudera Manager Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users. | 8.8 |
| 2019-11-26 | CVE-2015-7831 | Improper Privilege Management vulnerability in Cloudera CDH In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used. | 8.8 |
| 2019-11-25 | CVE-2012-6639 | Improper Privilege Management vulnerability in multiple products An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. | 8.8 |
| 2019-11-25 | CVE-2019-13705 | Improper Privilege Management vulnerability in multiple products Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. | 4.3 |
| 2019-11-25 | CVE-2019-13702 | Improper Privilege Management vulnerability in multiple products Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable. | 7.8 |
| 2019-11-25 | CVE-2012-5617 | Improper Privilege Management vulnerability in multiple products gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation | 7.8 |
| 2019-11-20 | CVE-2019-3466 | Improper Privilege Management vulnerability in multiple products The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | 7.8 |
| 2019-11-19 | CVE-2011-3349 | Improper Privilege Management vulnerability in Lightdm Project Lightdm lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. | 7.8 |
| 2019-11-19 | CVE-2011-4954 | Improper Privilege Management vulnerability in Cobblerd Cobbler cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE | 7.8 |