Lucene search
+L

4284 matches found

nvd
nvd
added yesterday6 views

CVE-2026-49501

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, and versions 9.11.0.0 through 9.13.0.2 contains an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

6.7CVSS0.00152EPSS
Exploits0References1
euvd
euvd
added yesterday5 views

EUVD-2026-44606

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, and versions 9.11.0.0 through 9.13.0.2 contains an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

6.7CVSS6.1AI score0.00152EPSS
Exploits0References1
cve
cve
added yesterday10 views

CVE-2026-49501

CVE-2026-49501 affects Dell PowerScale OneFS for all listed versions (9.5.0.0–9.10.1.7 and 9.11.0.0–9.13.0.2) with an Improper Privilege Management flaw that could allow a highly privileged attacker with local access to elevate privileges. The public descriptions identify the vulnerable component...

6.7CVSS6.1AI score0.00152EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2 days ago4 views

CVE-2026-50295

Improper privilege management in Microsoft Windows DNS allows an authorized attacker to bypass a security feature locally...

5.5CVSS0.00222EPSS
Exploits0References1
cve
cve
added 2 days ago11 views

CVE-2026-50295

Technical details about CVE-2026-50295 are not publicly provided in the supplied documents. Monitor for updates from official sources.

5.5CVSS6AI score0.00222EPSS
Exploits0References1Affected Software4
cve
cve
added 2 days ago8 views

CVE-2026-49176

Summary: CVE-2026-49176 is a Windows WalletService elevation of privilege vulnerability described as improper privilege management that could allow an authorized local attacker to escalate privileges. The available sources (NVD/CVE records) confirm the issue but do not provide concrete details on...

7.8CVSS6AI score0.00245EPSS
Exploits0References1
mscve
mscve
added 2 days ago5 views

Windows WalletService Elevation of Privilege Vulnerability

Improper privilege management in Windows WalletService allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00245EPSS
Exploits0
nvd
nvd
added 2 days ago5 views

CVE-2026-53565

Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows. This issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7...

8.5CVSS0.001EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2 days ago5 views

PT-2026-58331

Name of the Vulnerable Software and Affected Versions Microsoft Install Service affected versions not specified Description Improper privilege management in the Microsoft Install Service allows an authorized attacker to elevate privileges locally, potentially granting full control over the system...

7.8CVSS6.1AI score0.02545EPSS
Exploits0References6
cvelist
cvelist
added 6 days ago33 views

CVE-2026-55843 Snipe-IT: Improper Privilege Management

Snipe-IT is an IT asset/license management system. Prior to 8.6.0, UsersController::update passes a missing permission request field through NormalizePermissionsPayloadAction and PreserveUnauthorizedPrivilegedPermissionsAction in a way that can overwrite a target user’s permissions with a sparse...

7CVSS0.00298EPSS
Exploits0References3
euvd
euvd
added 6 days ago6 views

EUVD-2026-42837

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internalauditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10,...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References1
osv
osv
added 2026/07/06 2:4 a.m.2 views

SUSE-SU-2026:2759-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-29167: modldap per-dir use-after-free bsc1267976. - CVE-2026-29170: modproxyftp XSS bsc1267977. - CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. - CVE-2026-34356: malicious backend servers can lead to a heap-based buffer...

9.8CVSS7.2AI score0.11471EPSS
Exploits8References27
cvelist
cvelist
added 2026/07/05 7:0 a.m.33 views

CVE-2026-14719 SourceCodester Onlne Examination & Learning Management System Registration Endpoint register.php privileges management

A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The...

7.5CVSS0.00288EPSS
Exploits0References6
thn
thn
added 2026/06/30 5:4 a.m.18 views

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 CVSS score: 9.8, refers to an improper privilege management and authentication flaw in Oracle Payments that could be...

9.8CVSS6AI score0.00677EPSS
Exploits2
redhatcve
redhatcve
added 2026/06/12 2:35 p.m.10 views

CVE-2026-44119

A flaw was found in Apache HTTP Server. This improper privilege management vulnerability allows local .htaccess authors to read files with the privileges of the httpd user. This could lead to unauthorized information disclosure...

5.5CVSS5.2AI score0.00171EPSS
Exploits0References4
ibm
ibm
added 2026/06/11 9:27 p.m.5 views

Security Bulletin: An Improper Privilege Management vulnerability may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2026-3621).

Summary An Improper Privilege Management vulnerability may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2026-3621. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address this vulnerability. Vulnerability Details CVEID:CVE-2026-362...

7.5CVSS5.4AI score0.00276EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/06/11 9:25 p.m.6 views

Security Bulletin: An Improper Privilege Management vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2026-3621).

Summary An Improper Privilege Management vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2026-3621. IBM WebSphere Liberty has been updated within IBM CICS TX Advanced to address this vulnerability. Vulnerability Details CVEID:CVE-2026-3621 DESCRIPTION:...

7.5CVSS5.4AI score0.00276EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/06/11 3:0 p.m.9 views

Security Bulletin: Multiple Vulnerabilities in IBM Guardium Key Lifecycle Manager (CVE-2025-68161, CVE-2026-1726)

Summary Security Vulnerabilities have been addressed in IBM Guardium Key Lifecycle Manager Vulnerability Details CVEID:CVE-2026-1726 DESCRIPTION: IBM Security Guardium enables privilege escalation, allowing unauthorized users to perform administrative operations after being demoted. Attackers cou...

6.3CVSS6.1AI score0.00743EPSS
Exploits1Affected Software1
susecve
susecve
added 2026/06/10 2:27 a.m.12 views

SUSE CVE-2026-44119

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

6.5CVSS5.4AI score0.00171EPSS
Exploits0References6
redos
redos
added 2026/06/10 12:0 a.m.8 views

ROS-20260610-73-0007

The vulnerability in Thunderbird is related to the insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

8.8CVSS5.4AI score0.00221EPSS
Exploits0
Rows per page
Query Builder