CWE-648

Low likelihood

Incorrect Use of Privileged APIs

Parent: CWE-269 - Improper Privilege Management

The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly.

61 vulnerabilities with CWE-648
CVE-2020-5291 HIGH
Bubblewrap <0.4.1 - Privilege Escalation
CVSS 7.2
CVE-2019-14812 HIGH
Ghostscript <9.50 - Privilege Escalation
CVSS 7.8
CVE-2019-10216 HIGH
Ghostscript <9.50 - Privilege Escalation
CVSS 7.8
CVE-2019-14869 HIGH
Ghostscript 9.x <9.50 - Privilege Escalation
CVSS 8.8
CVE-2019-14813 CRITICAL
Artifex Ghostscript < 9.50 - Incorrect Authorization
CVSS 9.8
CVE-2019-14817 HIGH
Artifex Ghostscript < 9.50 - Incorrect Authorization
CVSS 7.8
CVE-2019-14811 HIGH
Artifex Ghostscript < 9.50 - Incorrect Authorization
CVSS 7.8
CVE-2019-1010178 CRITICAL
Fred MODX Revolution < 1.0.0-beta5 - RCE
CVSS 9.8
CVE-2019-3839 HIGH
Ghostscript <9.27 - Privilege Escalation
CVSS 7.8
CVE-2019-3838 MEDIUM
Ghostscript <9.27 - File System Access
CVSS 5.5
CVE-2019-3835 MEDIUM
Ghostscript <9.27 - Code Injection
CVSS 5.5
Details
Vulnerabilities 61
Exploit Likelihood Low
Links
MITRE CWE Entry Search this CWE With Exploits