Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

CVEs (2,777)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-4536 1Qemu 1Qemu Nov 21, 2024 May 28, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary co...Show more An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.Show less
CVE-2021-22118 3Netapp OracleVmware 32Commerce Guided Search Communications Brm Elastic Charging EngineCommunications Cloud Native Core Binding Support Function+29 more Nov 21, 2024 May 27, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticat...Show more In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.Show less
CVE-2021-22733 1Schneider Electric 2Homelynk Firmware Spacelynk Firmware Nov 21, 2024 May 26, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder.
CVE-2021-22732 1Schneider Electric 2Homelynk Firmware Spacelynk Firmware Nov 21, 2024 May 26, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server.
CVE-2018-16497 1Versa Networks 1Versa Analytics Nov 21, 2024 May 26, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability...Show more In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability. In this case, the job runs a script as root that is writable by users who are members of the versa group.Show less
CVE-2020-28904 1Nagios 1Fusion Nov 21, 2024 May 24, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code.
CVE-2021-20713 1Qualitysoft 1Qnd Nov 21, 2024 May 24, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Privilege escalation vulnerability in QND Advance/Premium/Standard Ver.11.0.4i and earlier allows an attacker who can log in to the PC where the product's Windows client is installed to gain administrative privileges via...Show more Privilege escalation vulnerability in QND Advance/Premium/Standard Ver.11.0.4i and earlier allows an attacker who can log in to the PC where the product's Windows client is installed to gain administrative privileges via unspecified vectors. As a result, sensitive information may be altered/obtained or unintended operations may be performed.Show less
CVE-2021-24289 1De Baat 1Store Locator Plus Nov 21, 2024 May 17, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin.
CVE-2021-23891 1Mcafee 1Total Protection Nov 21, 2024 May 12, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.
CVE-2021-31169 1Microsoft 2Windows 10 Windows Server 2016 Nov 21, 2024 May 11, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-31168 1Microsoft 2Windows 10 Windows Server 2016 Nov 21, 2024 May 11, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-21430 1Openapi Generator 1Openapi Generator Nov 21, 2024 May 10, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating...Show more OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. Affected generators: `java` (jersey2, okhttp-gson (default library)), `scala-finch`. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version.Show less
CVE-2021-21428 1Openapi Generator 1Openapi Generator Nov 21, 2024 May 10, 2021 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insec...Show more Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation process. The insecure temporary folders store the auto-generated files which can be read and appended to by any users on the system. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version.Show less
CVE-2021-1447 1Cisco 1Content Security Management Appliance Nov 21, 2024 May 6, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerab...Show more A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password generation algorithm. An attacker could exploit this vulnerability by enabling specific Administrator-only features and connecting to the appliance through the CLI with elevated privileges. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. To exploit this vulnerability, the attacker must have valid Administrator credentials.Show less
CVE-2021-1401 1Cisco 6Wap125 Firmware Wap131 FirmwareWap150 Firmware+3 more Nov 21, 2024 May 6, 2021 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information...Show more Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1400 1Cisco 6Wap125 Firmware Wap131 FirmwareWap150 Firmware+3 more Nov 21, 2024 May 6, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information...Show more Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2020-28014 1Exim 1Exim Nov 21, 2024 May 6, 2021 N/A· v4 6.1 MEDIUM· v3 5.6 MEDIUM· v2 Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten.
CVE-2020-28008 1Exim 1Exim Nov 21, 2024 May 6, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an attacker can write to a /var/spool/exim4/input spool header file, in...Show more Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution.Show less
CVE-2020-23128 1Chamilo 1Chamilo Lms Nov 21, 2024 May 6, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privile...Show more Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.Show less
CVE-2020-27518 1Windscribe 1Windscribe Nov 21, 2024 May 4, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute...Show more All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM.Show less

Previous 1...969798...139 Next