Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

CVEs (2,755)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-7334 1Lenovo 1System Update Nov 21, 2024 Mar 27, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008...Show more MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type COMMAND type could allow a user to execute arbitrary code with elevated privileges.Show less
CVE-2015-7333 1Lenovo 1System Update Nov 21, 2024 Mar 27, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008...Show more MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type INF and INF_BY_COMPATIBLE_ID command types could allow a user to execute arbitrary code with elevated privileges.Show less
CVE-2020-8873 1Parallels 1Parallels Desktop Nov 21, 2024 Mar 23, 2020 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute high-privileged code on the target guest...Show more This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10031.Show less
CVE-2020-10793 1Codeigniter 1Codeigniter Nov 21, 2024 Mar 23, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be att...Show more CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown website built with the CodeIgniter framework but that CodeIgniter is not responsible for introducing this issue because the framework has never provided a login screen, nor any kind of login or user management facilities beyond a Session library. Also, another reporter indicates the issue is with a custom module/plugin to CodeIgniter, not CodeIgniter itself.Show less
CVE-2019-19345 1Redhat 1Openshift Nov 21, 2024 Mar 20, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mediawiki-apb. An attacker...Show more A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mediawiki-apb. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.Show less
CVE-2019-16071 1Netsas 1Enigma Nms Nov 21, 2024 Mar 20, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Enigma NMS 65.0.0 and prior allows administrative users to create low-privileged accounts that do not have the ability to modify any settings in the system, only view the components. However, it is possible for a low-pri...Show more Enigma NMS 65.0.0 and prior allows administrative users to create low-privileged accounts that do not have the ability to modify any settings in the system, only view the components. However, it is possible for a low-privileged user to perform all actions as an administrator by bypassing authorization controls and sending requests to the server in the context of an administrator.Show less
CVE-2020-3265 1Cisco 1Sd Wan Firmware Nov 21, 2024 Mar 19, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation....Show more A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.Show less
CVE-2019-19355 1Redhat 1Openshift Nov 21, 2024 Mar 18, 2020 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their pr...Show more An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4.Show less
CVE-2019-19351 1Redhat 1Openshift Nov 21, 2024 Mar 18, 2020 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privilege...Show more An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/jenkins-slave-base-rhel7-containera as shipped in Openshift 4 and 3.11.Show less
CVE-2020-3950 1Vmware 3Fusion Horizon ClientRemote Console Oct 30, 2025 Mar 17, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of...Show more VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed.Show less
CVE-2020-7916 1Thimpress 1Learnpress Nov 21, 2024 Mar 16, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpress_be_teacher U...Show more be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpress_be_teacher URI without any additional permission checks. Therefore, any user can change its role to an instructor/teacher and gain access to otherwise restricted data.Show less
CVE-2020-6584 1Nagios 1Nagios Nov 21, 2024 Mar 16, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Nagios Log Server 2.1.3 has Incorrect Access Control.
CVE-2020-10589 1V2rayl Project 1V2rayl Nov 21, 2024 Mar 15, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo.
CVE-2020-10588 1V2rayl Project 1V2rayl Nov 21, 2024 Mar 15, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo.
CVE-2020-10088 1Gitlab 1Gitlab Nov 21, 2024 Mar 13, 2020 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on particular group settings, it was possible for invited groups to be given the incorrect permission level.
CVE-2020-0799 1Microsoft 7Windows 10 Windows 7Windows 8.1+4 more Nov 21, 2024 Mar 12, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
CVE-2020-0785 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Mar 12, 2020 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
CVE-2020-7254 1Mcafee 1Advanced Threat Defense Nov 21, 2024 Mar 12, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command.
CVE-2020-5253 1Nethack 1Nethack Nov 21, 2024 Mar 10, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.
CVE-2020-8113 1Gitlab 1Gitlab Nov 21, 2024 Mar 6, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 GitLab 10.7 and later through 12.7.2 has Incorrect Access Control.

Previous 1...112113114...138 Next