CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,834 vulnerabilities with CWE-269
CVE-2023-21990 HIGH
Oracle VM VirtualBox <6.1.44-7.0.8 - Privilege Escalation
CVSS 8.2
CVE-2023-21987 HIGH
Oracle VM VirtualBox <6.1.44-7.0.8 - Privilege Escalation
CVSS 7.8
CVE-2023-21896 HIGH
Oracle Solaris <11 - Privilege Escalation
CVSS 7.0
CVE-2023-1548 MEDIUM
EcoStruxure Control Expert >= V15.1 - DoS
CVSS 5.5
CVE-2023-22946 MEDIUM
Apache Spark < 3.4.0 - Privilege Escalation via Malicious Classpath Configuration
CVSS 6.4
CVE-2023-27654 CRITICAL
whoapp WHO - Privilege Escalation via TTMultiProvider Component
CVSS 9.8
CVE-2023-29018 HIGH
OpenFeature Operator <0.2.32 - Privilege Escalation
CVSS 8.0
CVE-2023-27651 HIGH
Ego Studio SuperClean 1.1.5-1.1.9 - Privilege Escalation via Update Info Field
CVSS 7.8
CVE-2023-1326 HIGH
apport < 2.26.0 - Privilege Escalation via Terminal Size Manipulation
CVSS 7.7
CVE-2023-24509 CRITICAL
Arista EOS 4.23-4.23.13m - Authenticated Privilege Escalation via Standby Supervisor Login
CVSS 9.3
CVE-2023-27830 CRITICAL
TightVNC < 2.8.75 - Privilege Escalation via File Transfer
CVSS 9.0
CVE-2023-27645 CRITICAL
Poweramp - Improper Privilege Management via Reverb and EQ Preset Parameters
CVSS 9.8
CVE-2023-20680 MEDIUM
Android - Local Privilege Escalation via ADSP Improper Input Validation
CVSS 6.7
CVE-2023-20655 HIGH
Android - Privilege Escalation via Parcel Format Mismatch
CVSS 7.8
CVE-2023-0959 MEDIUM
Bhima 1.27.0 - Cross-Site Request Forgery to Privilege Escalation
CVSS 6.5
CVE-2023-28855 MEDIUM
Fields <1.13.1-1.20.4 - Privilege Escalation
CVSS 6.5
CVE-2023-28632 HIGH
GLPI <9.5.13, <10.0.7 - Privilege Escalation
CVSS 8.1
CVE-2023-0192 MEDIUM
NVIDIA GPU Display Driver - Privilege Escalation/Info Disclosure
CVSS 4.7
CVE-2023-1762 HIGH
thorsten/phpmyfaq <3.1.12 - Privilege Escalation
CVSS 8.8
CVE-2023-0664 HIGH
QEMU Guest Agent - Privilege Escalation
CVSS 7.8
CVE-2023-28640 MEDIUM
apiman < 3.1.0.Final - Authenticated Privilege Escalation via URL Guessing
CVSS 6.4
CVE-2023-21068 HIGH
Android - Local Privilege Escalation via Hidden Debug Policy
CVSS 7.8
CVE-2023-20995 HIGH
Android 13 - Local Privilege Escalation via Fingerprint Unlock Bypass
CVSS 7.8
CVE-2023-28436 MEDIUM
Tailscale <1.38.2 - Privilege Escalation
CVSS 5.7
CVE-2023-27094 HIGH
OpenGoofy Hippo4j <1.4.3 - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities 2,834
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits