CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,830 vulnerabilities with CWE-269
CVE-2024-27711 HIGH
Eskooly Free Online School <v.3.0 - Privilege Escalation
CVSS 8.8
CVE-2024-27710 CRITICAL
Eskooly Free Online School <3.0 - Privilege Escalation
CVSS 9.8
CVE-2024-37726 MEDIUM
MSI Center <2.0.36.0 - Privilege Escalation
CVSS 6.8
CVE-2024-39206 HIGH
MSP360 Backup Agent <7.9.4.84 - Info Disclosure
CVSS 7.5
CVE-2024-26314 HIGH
Jungo WinDriver 6.0.0-16.1.0 - Local Privilege Escalation and Arbitrary Code Execution
CVSS 7.8
CVE-2024-25088 HIGH
Jungo WinDriver <12.5.1 - Privilege Escalation
CVSS 7.8
CVE-2024-25086 HIGH
Jungo WinDriver <12.2.0 - Privilege Escalation
CVSS 7.8
CVE-2024-22106 HIGH
Jungo WinDriver <12.5.1 - Privilege Escalation
CVSS 7.8
CVE-2024-37133 MEDIUM
Dell PowerScale OneFS 8.2.2-9.8.0.0 - Privilege Escalation to Root
CVSS 6.7
CVE-2024-37126 MEDIUM
Dell PowerScale OneFS 8.2.2-9.8.0.0 - Authenticated Privilege Escalation
CVSS 6.7
CVE-2024-32854 MEDIUM
Dell PowerScale OneFS 8.2.2.x-9.8.0.0 - Privilege Escalation
CVSS 6.7
CVE-2024-39302 LOW
BigBlueButton - Privilege Escalation
CVSS 3.7
CVE-2024-4395 HIGH
Jamf Compliance Editor <1.3.1 - Privilege Escalation
CVSS 7.8
CVE-2024-5009 HIGH
WhatsUp Gold < 23.1.3 - Improper Access Control in InstallController.SetAdminPassword
CVSS 8.4
CVE-2024-37107 HIGH
WishList Member X < 3.26.7 - Authenticated Privilege Escalation
CVSS 8.8
CVE-2024-6240 HIGH
Parallels Desktop Software <19.3.0 - Privilege Escalation
CVSS 7.7
CVE-2024-2003 HIGH
ESET <version> - Privilege Escalation
CVSS 7.3
CVE-2024-4390 MEDIUM
Depicter < 3.0.2 - Authenticated Arbitrary Nonce Generation
CVSS 6.5
CVE-2024-33374 CRITICAL
LB-LINK BL-W1210M v2.0 - Privilege Escalation
CVSS 9.8
CVE-2024-36500 HIGH
Huawei EMUI and HarmonyOS - Privilege Escalation in AMS Module
CVSS 7.8
CVE-2024-36499 MEDIUM
Huawei EMUI and HarmonyOS - Unauthorized Screenshot Capture in WMS Module
CVSS 6.8
CVE-2024-32918 MEDIUM
Android - Permission Bypass via Incomplete HDCP Key Exchange Initialization
CVSS 6.1
CVE-2024-32906 HIGH
Android - Local Privilege Escalation via Uninitialized Data in AcvpOnMessage
CVSS 7.8
CVE-2024-32899 HIGH
Android - Local Privilege Escalation to TEE via GPU Power Management Race Condition
CVSS 7.0
CVE-2024-29784 HIGH
Lwis Periodic Io - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 2,830
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits