The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
2,833 vulnerabilities with CWE-269
CVE-2023-36721
HIGH
Windows Error Reporting Service - Privilege Escalation
CVSS 7.0
CVE-2023-36569
HIGH
Microsoft Office - Privilege Escalation
CVSS 8.4
CVE-2023-5214
MEDIUM
Puppet Bolt < 3.27.4 - Privilege Escalation
CVSS 6.5
CVE-2023-26236
HIGH
WatchGuard EPDR <8.0.21.0002 - Privilege Escalation
CVSS 7.8
CVE-2023-5402
CRITICAL
C-Bus Toolkit < 1.16.3 - Remote Code Execution via Transfer Command
CVSS 9.8
CVE-2023-20235
MEDIUM
Cisco IOS XE < 17.3.1 - Authenticated Privilege Escalation via Docker Privileged Mode
CVSS 6.5
CVE-2023-44217
HIGH
SonicWall NetExtender < 10.2.336 - Local Privilege Escalation via MSI Repair Functionality
CVSS 7.8
CVE-2023-36628
HIGH
Purity//FA 6.1.0-6.3.10 - Privilege Escalation via VASA
CVSS 8.8
CVE-2023-43664
MEDIUM
PrestaShop < 8.1.2 - Improper Privilege Management in Back Office Module Listing
CVSS 4.3
CVE-2023-43663
MEDIUM
PrestaShop < 8.1.2 - Improper Privilege Management via Module Disabling
CVSS 6.3
CVE-2023-40375
HIGH
IBM i 7.2-7.5 - Local Privilege Escalation to Root
CVSS 7.4
CVE-2023-33972
HIGH
Scylladb < 5.2.8 - Authenticated Privilege Escalation via Table Creation
CVSS 7.2
CVE-2023-41326
HIGH
GLPI <10.0.10 - Privilege Escalation
CVSS 8.1
CVE-2023-41324
HIGH
GLPI 9.3.0-10.0.9 - Unauthorized Account Access via User Resource API
CVSS 8.1
CVE-2023-41322
MEDIUM
GLPI <10.0.10 - Privilege Escalation
CVSS 4.9
CVE-2023-41312
MEDIUM
Huawei EMUI and HarmonyOS - Improper Privilege Management in Audio Module
CVSS 5.3
CVE-2023-41309
HIGH
Huawei EMUI and HarmonyOS - Improper Privilege Management in MediaPlaybackController
CVSS 7.5
CVE-2023-39375
HIGH
SiberianCMS 4.0.0-4.20.44 - Improper Handling of Insufficient Privileges
CVSS 7.5
CVE-2023-34043
MEDIUM
VMware Aria Operations - Privilege Escalation
CVSS 6.7
CVE-2023-43457
CRITICAL
Service Provider Management System <1.0 - Privilege Escalation
CVSS 9.8
CVE-2023-41301
HIGH
Huawei EMUI and HarmonyOS - Unauthorized API Access in PMS Module
CVSS 7.5
CVE-2023-43766
HIGH
WithSecure Linux Protection 12.0 - Local Privilege Escalation via lhz Archive Unpack Handler
CVSS 7.8
CVE-2023-4662
CRITICAL
Adobe Connect < 9.0 - Remote Code Inclusion via Unnecessary Privileges
CVSS 9.8
CVE-2023-36657
CRITICAL
OPSWAT MetaDefender KIOSK <4.6.1.9996 - Privilege Escalation
CVSS 9.8
CVE-2023-42468
MEDIUM
color_phone <= 2.1.8-2 - Unauthenticated Phone Call Initiation via Exported DialerActivity Component
CVSS 5.3
Details
Vulnerabilities
2,833
Exploit Likelihood
Medium