CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,829 vulnerabilities with CWE-269
CVE-2024-5566 MEDIUM
GitHub Enterprise Server < 3.14 - Improper Privilege Management via Repository Migration
CVSS 5.8
CVE-2024-6326 MEDIUM
Rockwell Automation FactoryTalk - Info Disclosure
CVSS 5.5
CVE-2024-6325 MEDIUM
Rockwell Automation FactoryTalk <6.40 - Privilege Escalation
CVSS 6.5
CVE-2024-37560 HIGH
IqbalRony WP User Switch <1.1.0 - Privilege Escalation
CVSS 8.0
CVE-2024-6677 HIGH
Citrix uberAgent < 7.2.1 - Privilege Escalation
CVSS 7.8
CVE-2024-6624 CRITICAL
JSON API User <3.9.3 - Privilege Escalation
CVSS 9.8
CVE-2024-6286 HIGH
Citrix Workspace app for Windows - Privilege Escalation
CVSS 7.8
CVE-2024-6151 HIGH
Citrix Virtual Apps and Desktops - Privilege Escalation
CVSS 7.8
CVE-2024-3325 HIGH
JasperReport Servers <9.0.0 - Info Disclosure
CVSS 7.2
CVE-2024-6411 HIGH
ProfileGrid - WordPress <5.8.9 - Privilege Escalation
CVSS 8.8
CVE-2024-34725 HIGH
Android - Local Privilege Escalation via Race Condition in DevmemIntUnexportCtx
CVSS 7.0
CVE-2024-31334 HIGH
Android - Local Privilege Escalation via DevmemIntFreeDefBackingPage Logic Error
CVSS 7.8
CVE-2024-31325 HIGH
Android - Unprotected User Data Exposure via Logic Error
CVSS 7.8
CVE-2024-31323 HIGH
Android - Local Privilege Escalation via Tapjacking in Health Permissions Dialog
CVSS 7.8
CVE-2024-31322 HIGH
Android - Local Privilege Escalation via AccessibilityManagerService Input Validation
CVSS 7.8
CVE-2024-31320 HIGH
Android - Local Privilege Escalation via Companion Device Association
CVSS 7.8
CVE-2024-31318 HIGH
Android - Local Privilege Escalation via CompanionDeviceManagerService Missing Permission Check
CVSS 7.8
CVE-2024-31313 HIGH
Android - Local Privilege Escalation via MessageQueueBase.h Bounds Check
CVSS 7.8
CVE-2024-31311 HIGH
Android - Local Privilege Escalation via Missing Bounds Check in stats_event.c
CVSS 7.8
CVE-2024-23711 HIGH
Android - Local Privilege Escalation via DevmemXIntUnreserveRange Logic Error
CVSS 7.8
CVE-2024-38089 CRITICAL
Microsoft Defender for IoT - Privilege Escalation
CVSS 9.1
CVE-2024-37952 HIGH
BookYourTravel < 8.18.17 - Privilege Escalation
CVSS 8.8
CVE-2024-37484 HIGH
Zephyr Project Manager <= 3.3.97 - Privilege Escalation
CVSS 8.8
CVE-2024-37455 HIGH
Ultimate Addons for Elementor <= 1.36.31 - Privilege Escalation
CVSS 8.8
CVE-2024-27711 HIGH
Eskooly Free Online School <v.3.0 - Privilege Escalation
CVSS 8.8