Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

CVEs (2,777)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-1662 1Microsoft 3Windows 10 Windows Server 2016Windows Server 2019 Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-1659 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1657 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Windows Fax Compose Form Remote Code Execution Vulnerability
CVE-2021-1655 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1654 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1653 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1652 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1651 1Microsoft 6Visual Studio Visual Studio 2017Visual Studio 2019+3 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-1650 1Microsoft 6Windows 10 Windows 8.1Windows Rt 8.1+3 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2021-1649 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Active Template Library Elevation of Privilege Vulnerability
CVE-2021-1648 1Microsoft 5Windows 10 Windows 8.1Windows Server 2012+2 more Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2021-1646 1Microsoft 3Windows 10 Windows Server 2016Windows Server 2019 Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Windows WLAN Service Elevation of Privilege Vulnerability
CVE-2021-1642 1Microsoft 3Windows 10 Windows Server 2016Windows Server 2019 Nov 21, 2024 Jan 12, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVE-2021-0306 1Google 1Android Nov 21, 2024 Jan 11, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNITION permission witho...Show more In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNITION permission without user confirmation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-154505240.Show less
CVE-2018-9333 1K7computing 4Antivrius Enterprise SecurityTotal Security+1 more Nov 21, 2024 Jan 11, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.
CVE-2018-9332 1K7computing 4Antivrius Enterprise SecurityTotal Security+1 more Nov 21, 2024 Jan 11, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local).
CVE-2018-8724 1K7computing 4Antivrius Enterprise SecurityTotal Security+1 more Nov 21, 2024 Jan 11, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe.
CVE-2018-8044 1K7computing 4Antivrius Enterprise SecurityTotal Security+1 more Nov 21, 2024 Jan 11, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys.
CVE-2018-11008 1K7computing 4Antivrius Enterprise SecurityTotal Security+1 more Nov 21, 2024 Jan 11, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
CVE-2018-11006 1K7computing 4Antivrius Enterprise SecurityTotal Security+1 more Nov 21, 2024 Jan 11, 2021 N/A· v4 5.5 MEDIUM· v3 8.8 HIGH· v2 An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.

Previous 1...102103104...139 Next