The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
2,836 vulnerabilities with CWE-269
CVE-2020-13512
HIGH
NZXT CAM 4.8.0 - Privilege Escalation
CVSS 8.8
CVE-2020-13518
MEDIUM
NZXT CAM 4.8.0 - Information Disclosure via WinRing0x64 Driver IRP 0x9c402084
CVSS 6.5
CVE-2020-13517
MEDIUM
NZXT CAM 4.8.0 - Information Disclosure via WinRing0x64 Driver IRP 0x9c406104
CVSS 5.5
CVE-2020-13516
MEDIUM
NZXT CAM 4.8.0 - Information Disclosure via WinRing0x64 Driver IRP 0x9c406144
CVSS 6.5
CVE-2020-13511
MEDIUM
NZXT CAM 4.8.0 - Privilege Escalation via WinRing0x64 Driver IRP 0x9c4060d4
CVSS 6.5
CVE-2020-13510
MEDIUM
NZXT CAM 4.8.0 - Privilege Escalation via WinRing0x64 Driver IRP 0x9c4060d0
CVSS 6.5
CVE-2020-13509
MEDIUM
NZXT CAM 4.8.0 - Information Disclosure via WinRing0x64 Driver IRP 0x9c4060cc
CVSS 6.5
CVE-2020-12519
HIGH
Phoenix Contact PLCnext Control Devices <2021.0 LTS - RCE
CVSS 8.8
CVE-2020-29481
HIGH
Xen < 4.14.0 - Improper Privilege Management via Xenstore Node Access Rights
CVSS 8.8
CVE-2020-8283
HIGH
Citrix Universal Print Server - Command Injection
CVSS 8.8
CVE-2020-8258
HIGH
Citrix Gateway Plug-in <13.0-61.48 & 12.1-58.15 - Privilege Escalation
CVSS 7.5
CVE-2020-8257
CRITICAL
Citrix Gateway Plug-in <13.0-61.48, 12.1-58.15 - Privilege Escalation
CVSS 9.8
CVE-2020-27133
CRITICAL
Cisco Jabber - Information Disclosure via Sensitive Data Insertion
CVSS 9.9
CVE-2020-27132
CRITICAL
Cisco Jabber - Information Disclosure via Sensitive Data Insertion
CVSS 9.9
CVE-2020-27127
CRITICAL
Cisco Jabber - Information Disclosure via Sensitive Data Insertion
CVSS 9.9
CVE-2020-17103
HIGH
Windows Cloud Files Mini Filter Driver - Privilege Escalation
CVSS 7.0
CVE-2020-14318
MEDIUM
Samba 3.6.0-4.11.14 - Authenticated Improper Privilege Management
CVSS 4.3
CVE-2020-7335
HIGH
McAfee Total Protection < 16.0.29 - Privilege Escalation via Junction Link Timing Attack
CVSS 7.5
CVE-2020-9114
HIGH
FusionCompute 6.3.0, 6.3.1, 6.5.0, 6.5.1, 8.0.0 - Privilege Escalation via Improper Privilege Management
CVSS 7.8
CVE-2020-8351
HIGH
Lenovo PCManager <3.0.50.9162 - Privilege Escalation
CVSS 7.8
CVE-2020-15248
MEDIUM
October CMS <1.0.470 - Privilege Escalation
CVSS 4.0
CVE-2020-7544
HIGH
EcoStruxure Operator Terminal Expert Runtime - Privilege Escalation via Driver Interaction
CVSS 7.8
CVE-2020-12495
CRITICAL
Endress+Hauser Ecograph T - Privilege Escalation
CVSS 9.1
CVE-2020-3482
MEDIUM
Cisco Expressway and TelePresence VCS < X12.6.3 - Unauthenticated Network Access Control Bypass via TURN Server
CVSS 6.5
CVE-2020-26080
MEDIUM
Cisco IoT Field Network Director < 4.6.1 - Authenticated Improper Access Control via JSON Payload Manipulation
CVSS 4.1
Details
Vulnerabilities
2,836
Exploit Likelihood
Medium