Lucene search
+L

1034 matches found

EUVD
EUVD
added 3 days ago6 views

EUVD-2026-44606

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, and versions 9.11.0.0 through 9.13.0.2 contains an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

6.7CVSS6.1AI score0.00105EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-49501

CVE-2026-49501 affects Dell PowerScale OneFS for all listed versions (9.5.0.0–9.10.1.7 and 9.11.0.0–9.13.0.2) with an Improper Privilege Management flaw that could allow a highly privileged attacker with local access to elevate privileges. The public descriptions identify the vulnerable component...

6.7CVSS6.1AI score0.00105EPSS
Exploits0References1Affected Software1
CISA KEV Catalog
CISA KEV Catalog
added 3 days ago5 views

Oracle E-Business Suite Improper Privilege Management Vulnerability

Oracle E-Business Suite contains an improper privilege management vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments...

9.8CVSS6.1AI score0.01045EPSS
In wildExploits2
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58017

Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows. This issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7...

8.5CVSS6.1AI score0.001EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/10 7:15 a.m.7 views

EUVD-2026-42837

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 9:25 p.m.6 views

Security Bulletin: An Improper Privilege Management vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2026-3621).

Summary An Improper Privilege Management vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2026-3621. IBM WebSphere Liberty has been updated within IBM CICS TX Advanced to address this vulnerability. Vulnerability Details CVEID:CVE-2026-3621 DESCRIPTION:...

7.5CVSS5.4AI score0.00276EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.10 views

CVE-2026-8148

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks...

7.8CVSS5.4AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.10 views

CVE-2026-7778

An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 5.0, Medium. This...

5CVSS5.3AI score0.00168EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/04 7:28 p.m.9 views

Improper Privilege Management

Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Improper Privilege Management via the upsertUser function. An attacker can gain unauthorized administrative privileges by creating or updating user accounts with elevated permissions...

8.5CVSS5.8AI score0.00034EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/01 5:10 a.m.10 views

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management in the handleSave function of the RoleAdmin Gateway component in the ttsconfig.go file. An attacker can gain unauthorized access to privileged operations by exploiting improper privilege management through...

6.5CVSS6.6AI score0.00209EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/22 10:4 p.m.10 views

EUVD-2026-31521

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS5.8AI score0.00551EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/22 9:41 p.m.10 views

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management in PATCH /api/v3/core/users/pk/. An attacker can gain elevated privileges by assigning arbitrary groups, including those with administrator-equivalent permissions, to users they control or have access to,...

8.1CVSS5.9AI score0.00535EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/21 2:0 p.m.21 views

Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS5.8AI score0.00551EPSS
Exploits0
Snyk
Snyk
added 2026/05/18 5:42 p.m.9 views

Improper Privilege Management

Overview @budibase/frontend-core is a Budibase frontend core libraries used in builder and client Affected versions of this package are vulnerable to Improper Privilege Management through the onboardUsers function. An attacker can gain unauthorized administrative privileges by sending crafted...

8.8CVSS5.8AI score0.00261EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:42 p.m.32 views

Improper Privilege Management

Overview @budibase/builder is a npm install Affected versions of this package are vulnerable to Improper Privilege Management through the onboardUsers function. An attacker can gain unauthorized administrative privileges by sending crafted requests to the affected endpoint, allowing the creation ...

8.8CVSS5.8AI score0.00261EPSS
Exploits0References2
Amd
Amd
added 2026/05/12 12:0 a.m.14 views

AMD Device Management Portal Key Download

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62619| Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to...

6.3CVSS5.8AI score0.00321EPSS
Exploits0
CVE
CVE
added 2026/05/11 9:39 a.m.21 views

CVE-2026-26946

CVE-2026-26946 affects Dell EMC ECS (versions 3.8.1.0–3.8.1.7) and Dell ObjectScale (prior to 4.3.0.0). The issue is an improper privilege management vulnerability in the operating system. A high-privileged attacker with local access could potentially exploit this to achieve elevation of privileg...

6.7CVSS5.8AI score0.00104EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/11 9:39 a.m.8 views

CVE-2026-26946

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS5.8AI score0.00104EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.12 views

Microsoft Dynamics 365 Customer Insights Elevation of Privilege Vulnerability

Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score0.00659EPSS
Exploits0
EUVD
EUVD
added 2026/05/05 3:31 p.m.10 views

EUVD-2026-27331

An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 5.0, Medium. This...

5CVSS5.7AI score0.00168EPSS
Exploits0References3
Rows per page
Query Builder