CWE:
 

Topic
Date
Author
Med.
Razer Synapse Race Condition / DLL Hijacking
18.09.2023
Dr. Oliver Schwarz
Low
Gantt-Chart For Jira 5.5.3 Missing Privilege Check
04.08.2020
Sebastian Auwaerter
Med.
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation
17.05.2020
Matthew Bergin
Med.
Ultimate Member 2.39 Unauthorized profile modification
18.06.2019
Clément Cruchet
Med.
WordPress Plugin WooCommerce GloBee (cryptocurrency) Payment Gateway 1.1.1 Payment Bypass / Unauthorized Order Status Spoofing
27.02.2019
GeekHack
Med.
Goozmo™ Systems v.1.0 Improper Privilege Management
29.01.2019
KingSkrupellos
Med.
TP-Link EAP Controller CSRF / Hard-Coded Key / XSS
04.05.2018
Core
Med.
SpiderControl SCADA Web Server 2.02.0007 Improper Privilege Management
01.11.2017
Karn Ganeshen
Med.
Solarwinds LEM 6.3.1 Sudo Script Abuse Privilege Escalation
25.04.2017
Hank Leininger and Mat...
Med.
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Privilege Escalation
18.02.2017
Matt Bergin
Med.
phpMyAdmin 3.5.x/4.0.x privilege escalation
30.07.2013
SecuriTeam Secure Disc...
High
Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability
27.09.2012
X-Cisadane


CVEMAP Search Results

CVE
Details
Description
2024-06-24
Waiting for details
CVE-2024-37107

Updating...
 

 
Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation.This issue affects WishList Member X: from n/a through 3.25.1.

 
2024-06-21
Waiting for details
CVE-2024-6240

Updating...
 

 
Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASH_ENV environment variable with the path to the malicious script, executing on application startup. An attacker could exploit this vulnerability to escalate privileges on the system.

 
2024-06-11
Waiting for details
CVE-2024-33500

Updating...
 

 
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11.0), Mendix Applications using Mendix 10 (V10.6) (All versions < V10.6.9), Mendix Applications using Mendix 9 (All versions >= V9.3.0 < V9.24.22). Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a target role which contains the elevated access rights.

 
2024-06-04
Waiting for details
CVE-2024-29976

Updating...
 

 
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command �??show_allsessions�?� in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated attacker to obtain a logged-in administrator�??s session information containing cookies on an affected device.

 
Waiting for details
CVE-2024-29975

Updating...
 

 
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated local attacker with administrator privileges to execute some system commands as the �??root�?� user on a vulnerable device.

 
Waiting for details
CVE-2023-47837

Updating...
 

 
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.

 
Waiting for details
CVE-2024-35700

Updating...
 

 
Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.

 
2024-05-31
Waiting for details
CVE-2024-5525

Updating...
 

 
Improper privilege management vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability allows a local user to access the application as an administrator without any provided credentials, allowing the attacker to perform administrative actions.

 
2024-05-17
Waiting for details
CVE-2024-34370

Updating...
 

 
Improper Privilege Management vulnerability in WPFactory EAN for WooCommerce allows Privilege Escalation.This issue affects EAN for WooCommerce: from n/a through 4.8.9.

 
Waiting for details
CVE-2024-33569

Updating...
 

 
Improper Privilege Management vulnerability in Darren Cooney Instant Images allows Privilege Escalation.This issue affects Instant Images: from n/a through 6.1.0.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top