CWE-269 (Improper Privilege Management) — Vulnerability Class 990

990 vulnerabilities classified as CWE-269 (Improper Privilege Management). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-23208 | IdP group membership revocation ignored in zot — zot | 7.3 | High | 2025-01-17 |
| CVE-2024-55954 | OpenObserve Improper Authorization Allows Admin User to Remove Root User — openobserve | 8.7 | High | 2025-01-16 |
| CVE-2024-9636 | Post Grid and Gutenberg Blocks 2.2.85 - 2.3.3 - Unauthenticated Privilege Escalation — Post Grid and Gutenberg Blocks – ComboBlocks | 9.8 | Critical | 2025-01-15 |
| CVE-2025-21360 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability — Microsoft AutoUpdate for Mac | 7.8 | High | 2025-01-14 |
| CVE-2025-21343 | Windows Web Threat Defense User Service Information Disclosure Vulnerability — Windows 11 version 22H2 | 7.5 | High | 2025-01-14 |
| CVE-2025-21287 | Windows Installer Elevation of Privilege Vulnerability — Windows 10 Version 1507 | 7.8 | High | 2025-01-14 |
| CVE-2024-12398 | Zyxel WBE530 security vulnerability — WBE530 firmware | 8.8 | High | 2025-01-14 |
| CVE-2024-11128 | Insufficient Hardened Runtime or Library Validation signing in Bitdefender Virus Scanner for macOS — Virus Scanner | 7.8 | - | 2025-01-13 |
| CVE-2024-53706 | SonicWALL Gen7 SonicOS Cloud platform NSv security vulnerability — SonicOS | 8.8 | - | 2025-01-09 |
| CVE-2024-56447 | Huawei HarmonyOS security vulnerability — HarmonyOS | 7.8 | High | 2025-01-08 |
| CVE-2025-22621 | Privilege escalation for users who hold the “splunk_app_soar” role in the Splunk App for SOAR — Splunk App for SOAR | 6.4 | Medium | 2025-01-07 |
| CVE-2024-55632 | Trend Micro Apex One security vulnerability — Trend Micro Apex One | 7.8 | High | 2024-12-31 |
| CVE-2024-55631 | Trend Micro Apex One security vulnerability — Trend Micro Apex One | 7.8 | High | 2024-12-31 |
| CVE-2024-13058 | Authenticated, non-admin users can create storage pools via the sifi API — HyperCloud | 6.5 | - | 2024-12-30 |
| CVE-2020-9222 | Huawei FusionCompute security vulnerability — FusionCompute | 7.0 | High | 2024-12-27 |
| CVE-2020-9080 | Huawei product security vulnerability — HUAWEI Mate 20 Pro | 7.8 | High | 2024-12-27 |
| CVE-2024-56335 | Privilege escalation allows organization groups to be updated/deleted if their UUID is known in vaultwarden — vaultwarden | 7.6 | High | 2024-12-20 |
| CVE-2024-12786 | X1a0He Adobe Downloader XPC Service com.x1a0he.macOS.Adobe-Downloader.helper shouldAcceptNewConnection privileges management — Adobe Downloader | 7.8 | High | 2024-12-19 |
| CVE-2020-15934 | Fortinet FortiClient security vulnerability — FortiClientLinux | 8.6 | High | 2024-12-19 |
| CVE-2024-38499 | Improper Privilege Management Vulnerability in CA Client Automation 14.5 — CA Client Automation (ITCM) | 6.5 | - | 2024-12-17 |
| CVE-2024-55949 | Privilege escalation in IAM import API in MinIO — minio | 8.8 | - | 2024-12-16 |
| CVE-2024-11721 | Frontend Admin by DynamiApps <= 3.24.5 - Unauthenticated Privilege Escalation — Frontend Admin by DynamiApps | 8.1 | High | 2024-12-14 |
| CVE-2024-49035 | Partner.Microsoft.Com Elevation of Privilege Vulnerability — Microsoft Partner Center | 8.7 | High | 2024-11-26 |
| CVE-2024-52336 | Tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root | 7.8 | High | 2024-11-26 |
| CVE-2024-9941 | WPGYM <= 67.1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation — WPGYM - Wordpress Gym Management System | 8.8 | High | 2024-11-23 |
| CVE-2020-26063 | Cisco Integrated Management Controller Software Authorization Bypass Vulnerability — Cisco Unified Computing System (Managed) | 5.4 | Medium | 2024-11-18 |
| CVE-2024-52926 | Delinea Privilege Manager security vulnerability — Privilege Manager | 6.5 | Medium | 2024-11-18 |
| CVE-2024-9192 | WP Video Robot <= 1.20.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta Update — WordPress Video Robot - The Ultimate Video Importer | 8.8 | High | 2024-11-16 |
| CVE-2024-52516 | Nextcloud Server's shares are not removed when user is limited to share with in their groups and being removed from one of them — security-advisories | 3.0 | Low | 2024-11-15 |
| CVE-2024-8068 | Privilege escalation to NetworkService Account access — Citrix Session Recording | 8.8 (AI) | High (AI) | 2024-11-12 |

Vulnerabilities classified as CWE-269 (Improper Privilege Management) represent 990 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.