Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

CVEs (2,778)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-27645 1Powerampapp 1Poweramp Feb 10, 2025 Apr 11, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters.
CVE-2023-20680 1Google 1Android Feb 12, 2025 Apr 6, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In adsp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...Show more In adsp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664785; Issue ID: ALPS07664785.Show less
CVE-2023-20655 1Google 1Android Mar 17, 2025 Apr 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitati...Show more In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022.Show less
CVE-2023-0959 1Imaworldhealth 1Bhima Feb 13, 2025 Apr 5, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Bhima version 1.27.0 allows a remote attacker to update the privileges of any account registered in the application via a malicious link sent to an administrator. This is possible because the application is vulnerable to...Show more Bhima version 1.27.0 allows a remote attacker to update the privileges of any account registered in the application via a malicious link sent to an administrator. This is possible because the application is vulnerable to CSRF.Show less
CVE-2023-28855 1Teclib Edition 1Fields Nov 21, 2024 Apr 5, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to versions 1.13.1 and 1.20.4, lack of access control check allows any authenticated user to write data to any fields container, i...Show more Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to versions 1.13.1 and 1.20.4, lack of access control check allows any authenticated user to write data to any fields container, including those to which they have no configured access. Versions 1.13.1 and 1.20.4 contain a patch for this issue.Show less
CVE-2023-28632 1Glpi Project 1Glpi Nov 21, 2024 Apr 5, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 GLPI is a free asset and IT management software package. Starting in version 0.83 and prior to versions 9.5.13 and 10.0.7, an authenticated user can modify emails of any user, and can therefore takeover another user acco...Show more GLPI is a free asset and IT management software package. Starting in version 0.83 and prior to versions 9.5.13 and 10.0.7, an authenticated user can modify emails of any user, and can therefore takeover another user account through the "forgotten password" feature. By modifying emails, the user can also receive sensitive data through GLPI notifications. Versions 9.5.13 and 10.0.7 contain a patch for this issue. As a workaround, account takeover can be prevented by deactivating all notifications related to `Forgotten password?` event. However, it will not prevent unauthorized modification of any user emails.Show less
CVE-2022-48227 1Gbgplc 1Acuant Asureid Sentinel Feb 13, 2025 Apr 4, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86, aka CORE-7361.
CVE-2022-48226 1Gbgplc 1Acuant Acufill Sdk Feb 13, 2025 Apr 4, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code executio...Show more An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation.Show less
CVE-2023-0192 1Nvidia 1Virtual Gpu Nov 21, 2024 Apr 1, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information disclosure.
CVE-2023-1762 1Phpmyfaq 1Phpmyfaq Nov 21, 2024 Mar 31, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Privilege Management in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2017-6894 1Flexera 2Flexnet Manager Flexnet Manager Suite 2015 Feb 18, 2025 Mar 29, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability exists in FlexNet Manager Suite releases 2015 R2 SP3 and earlier (including FlexNet Manager Platform 9.2 and earlier) that affects the inventory gathering components and can be exploited by local users to...Show more A vulnerability exists in FlexNet Manager Suite releases 2015 R2 SP3 and earlier (including FlexNet Manager Platform 9.2 and earlier) that affects the inventory gathering components and can be exploited by local users to perform certain actions with elevated privileges on the local system.Show less
CVE-2023-0664 3Fedoraproject QemuRedhat 3Enterprise Linux FedoraQemu Feb 18, 2025 Mar 29, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the syst...Show more A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.Show less
CVE-2022-48353 1Huawei 2Emui Harmonyos Feb 24, 2025 Mar 27, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause kernel privilege escalation, which results in system service exceptions.
CVE-2023-28640 1Apiman 1Apiman Nov 21, 2024 Mar 27, 2023 N/A· v4 3.1 LOW· v3 N/A· v2 Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permissio...Show more Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess the URL, which includes Organisation ID, Client ID, and Client Version of the targeted non-permitted resource. While not trivial to exploit, it could be achieved by brute-forcing or guessing common names. Access to the non-permitted API Keys could allow use of other users' resources without their permission (depending on the specifics of configuration, such as whether an API key is the only form of security). Apiman 3.1.0.Final resolved this issue. Users are advised to upgrade. The only known workaround is to restrict account access. Show less
CVE-2023-21068 1Google 1Android Feb 20, 2025 Mar 24, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to local escalation of privilege after preparing the device, hiding the warning, and pas...Show more In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to local escalation of privilege after preparing the device, hiding the warning, and passing the phone to a new user, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243433344References: N/AShow less
CVE-2023-20995 1Google 1Android Feb 25, 2025 Mar 24, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 In captureImage of CustomizedSensor.cpp, there is a possible way to bypass the fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...Show more In captureImage of CustomizedSensor.cpp, there is a possible way to bypass the fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-241910279Show less
CVE-2023-28436 1Tailscale 1Tailscale Nov 21, 2024 Mar 23, 2023 N/A· v4 8.0 HIGH· v3 N/A· v2 Tailscale is software for using Wireguard and multi-factor authentication (MFA). A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to prior to 1.38.2 in FreeBSD allows...Show more Tailscale is software for using Wireguard and multi-factor authentication (MFA). A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to prior to 1.38.2 in FreeBSD allows commands to be run with a higher privilege group ID than that specified in Tailscale SSH access rules. A difference in the behavior of the FreeBSD `setgroups` system call from POSIX meant that the Tailscale client running on a FreeBSD-based operating system did not appropriately restrict groups on the host when using Tailscale SSH. When accessing a FreeBSD host over Tailscale SSH, the egid of the tailscaled process was used instead of that of the user specified in Tailscale SSH access rules. Tailscale SSH commands may have been run with a higher privilege group ID than that specified in Tailscale SSH access rules if they met all of the following criteria: the destination node was a FreeBSD device with Tailscale SSH enabled; Tailscale SSH access rules permitted access for non-root users; and a non-interactive SSH session was used. Affected users should upgrade to version 1.38.2 to remediate the issue. Show less
CVE-2023-27094 1Opengoofy 1Hippo4j Feb 26, 2025 Mar 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue found in OpenGoofy Hippo4j v.1.4.3 allows attackers to escalate privileges via the ThreadPoolController of the tenant Management module.
CVE-2023-28758 1Veritas 1Netbackup Feb 25, 2025 Mar 23, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to specify a log file path when executing a NetBackup command. This can be used to overwrite existing NetBackup log files.
CVE-2022-43863 1Ibm 1Qradar Security Information And Event Manager Nov 21, 2024 Mar 22, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. IBM X-Force ID: 239425.

Previous 1...666768...139 Next