CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,830 vulnerabilities with CWE-269
CVE-2024-36586 HIGH
AdGuardHome <latest - Privilege Escalation
CVSS 8.8
CVE-2024-37665 HIGH
Wvp GB28181 Pro 2.0 - Authenticated Privilege Escalation via Crafted POST Request
CVSS 8.8
CVE-2024-5909 MEDIUM
Cortex XDR Agent 7.9-7.9.101 and 8.1-8.1.1 - Local Privilege Escalation via Agent Disabling
CVSS 5.5
CVE-2024-5907 HIGH
Palo Alto Networks Cortex XDR Agent 7.9-7.9.101 and 8.1-8.2.2 - Local Privilege Escalation via Race Condition
CVSS 7.0
CVE-2024-5759 MEDIUM
Tenable Security Center < 6.3.0 - Authenticated Privilege Escalation
CVSS 5.4
CVE-2024-33500 MEDIUM
Mendix 10 <V10.11.0, V10.6 <V10.6.9, V9 >=V9.3.0 <V9.24.22 - Privil...
CVSS 5.9
CVE-2024-32849 HIGH
Trend Micro Maximum Security 2022-2023 17.0-17.6 - Privilege Escalation via Unintended File Deletion
CVSS 7.8
CVE-2024-27811 HIGH
iPadOS < 17.5 - Improper Privilege Management
CVSS 7.8
CVE-2024-34332 HIGH
SiSoftware SANDRA <31.66 - Privilege Escalation
CVSS 7.8
CVE-2024-37364 MEDIUM
Ariane Allegro Scenario Player <2024-03-05 - Info Disclosure
CVSS 6.8
CVE-2024-29976 MEDIUM
Zyxel NAS326 <V5.21(AAZF.17)C0 - Privilege Escalation
CVSS 6.5
CVE-2024-29975 MEDIUM
Zyxel NAS326 <V5.21(AAZF.17)C0 - Privilege Escalation
CVSS 6.7
CVE-2024-5525 HIGH
Astrotalks 10/03/2023 - Unauthenticated Privilege Escalation
CVSS 8.3
CVE-2024-35430 HIGH
ZKTeco ZKBio CVSecurity <= 6.1.1_R - Authenticated Privilege Escalation via Password Bypass
CVSS 8.1
CVE-2024-36056 MEDIUM
Marvin Test HW.exe <5.0.5.0 - Privilege Escalation
CVSS 5.4
CVE-2024-34454 HIGH
Nintendo Wii U OS 5.5.5 - SSL Forgery
CVSS 7.4
CVE-2024-27264 HIGH
IBM Performance Tools for i <7.6 - Privilege Escalation
CVSS 7.4
CVE-2024-36077 HIGH
Qlik Sense Enterprise for Windows <14.187.4 - Privilege Escalation
CVSS 8.8
CVE-2024-33226 CRITICAL
Wistron Corporation TBT Force Power Control <1.0.0.0 - Privilege Es...
CVSS 9.9
CVE-2024-33224 HIGH
Realtek lO Driver <v1.008.0823.2017 - Privilege Escalation
CVSS 8.4
CVE-2024-33223 HIGH
ASUS GPU TweakII <1.4.5.2 - Privilege Escalation
CVSS 8.8
CVE-2024-31756 HIGH
MarvinTest Solutions Hardware Access Driver <5.0.4.0 - Privilege Es...
CVSS 7.8
CVE-2024-31757 HIGH
TeraByte Unlimited Image for Windows <4.0.0.0 - Privilege Escalation
CVSS 7.8
CVE-2024-4988 HIGH
TECNO com.transsion.videocallenhancer 1.1.9.973 - Unauthenticated Private File Leakage
CVSS 7.5
CVE-2024-32960 HIGH
Booking Ultra Pro - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities 2,830
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits