Lucene search
K

1029 matches found

CVE
CVE
added 2026/02/04 6:14 a.m.13 views

CVE-2026-20979

CVE-2026-20979 affects Samsung Settings prior to SMR Feb-2026 Release 1. The issue is improper privilege management that lets local attackers launch arbitrary activity with Settings privileges. Impact is local privilege escalation. Remediation: update Samsung Settings to SMR Feb-2026 Release 1 or...

8.4CVSS5.5AI score0.00129EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Hanwha Vision Camera Improper Privilege Management (CVE-2025-52599)

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered Inadequate of permission management for camera guest account. The manufacturer has released patch firmware for the flaw, please refer to the...

6.5CVSS8.4AI score0.00212EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.9 views

WordPress plugin Modular DS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

9.8CVSS6.5AI score0.20631EPSS
Exploits8References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.6 views

CVE-2021-22801

A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configured with specially crafted event actions. Affected Product: ConneXium Network Manager Software All Versions...

9.8CVSS7.2AI score0.01557EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:59 a.m.11 views

CVE-2020-7509

A CWE-269: Improper privilege management write vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to elevate their privileges and delete files...

7.2CVSS6.9AI score0.0119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.6 views

CVE-2023-50890

Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.20...

8.8CVSS7AI score0.00547EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.8 views

CVE-2023-45581

An improper privilege management vulnerability CWE-269 in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows an Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests...

8.8CVSS7AI score0.00823EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.4 views

WordPress plugin Premium Age Verification / Restriction 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.5AI score0.00254EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/18 3:18 p.m.11 views

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Privilege Management in Grafana (CVE-2024-1442)

Summary Grafana is used by IBM Storage Ceph as a metrics dashboard. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2024-1442 Vulnerability Details CVEID:CVE-2024-1442 DESCRIPTION: A user with the permissions to create a data source can use Grafana API to...

8.8CVSS6.6AI score0.00802EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

WordPress plugin Hotel Listing 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

8.8CVSS6.7AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.3 views

WordPress plugin PenciDesign Soledad 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

9.8CVSS6.7AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

WordPress plugin PostX 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.2CVSS6.7AI score0.0034EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/05 12:0 a.m.4 views

Dell PowerScale OneFS 8.2.2 <= 9.7.0.3 / 9.8.0.0 < 9.8.0.1 Improper Privilege Management (DSA-2024-255)

The Dell PowerScale OneFS on the remote device is missing a security patch and is, therefore, affected by improper privilege management vulnerability. - Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker...

6.7CVSS5.5AI score0.00157EPSS
Exploits0References2
CVE
CVE
added 2025/11/28 2:20 p.m.17 views

CVE-2025-59790

CVE-2025-59790 affects Apache Kvrocks (versions 2.9.0–2.13.0). The root issue is improper privilege management, specifically relating to the RESET command, which can elevate privileges to administrator level. A fix is available in Kvrocks 2.14.0. Multiple sources (NVD, RH, CNVD, OSV, CNVD/others)...

5.4CVSS6.6AI score0.00356EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.5 views

PT-2025-48339

Name of the Vulnerable Software and Affected Versions Apache Kvrocks versions 2.9.0 through 2.13.0 Description An improper privilege management issue exists in Apache Kvrocks. Upgrade to version 2.14.0 to resolve the issue. Recommendations Upgrade to version 2.14.0...

5.4CVSS6.8AI score0.00356EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.4 views

PT-2025-48215

Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ElasticNet UME R32: ElasticNet UME R32 V16.23.20.04...

7.5CVSS7AI score0.00241EPSS
Exploits0References2
CVE
CVE
added 2025/11/18 5:1 p.m.73 views

CVE-2025-54821

CVE-2025-54821 affects Fortinet FortiOS (versions 6.4 and 7.0–7.6.3), FortiPAM (1.0–1.6.0), and FortiProxy (7.0–7.6.3). The root cause is improper privilege management (CWE-269) that may allow an authenticated administrator to bypass the trusted-host policy via crafted CLI commands. Public source...

6CVSS5.8AI score0.00135EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2025/11/14 12:0 a.m.2 views

Intel CIP Elevation of Privilege Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from improper privilege management and can be exploited by an attacker to cause elevation of...

8.8CVSS7.2AI score0.00269EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Improper Check for Dropped Privileges (CVE-2019-18276)

An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems th...

7.8CVSS7AI score0.02608EPSS
Exploits5References3
Vulnrichment
Vulnrichment
added 2025/11/11 4:49 p.m.4 views

CVE-2025-24838

Improper privilege management for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...

8.8CVSS6.4AI score0.00269EPSS
Exploits0References1
Rows per page
Query Builder