CWE-269 (Improper Privilege Management) — Vulnerability Class 990

990 vulnerabilities classified as CWE-269 (Improper Privilege Management). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-8306 | Schneider Electric Vijeo Designer security vulnerability — Vijeo Designer | 7.8 | High | 2024-09-11 |
| CVE-2024-37980 | Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2017 (GDR) | 8.8 | High | 2024-09-10 |
| CVE-2024-38014 | Windows Installer Elevation of Privilege Vulnerability — Windows 10 Version 1809 | 7.8 | High | 2024-09-10 |
| CVE-2024-39574 | Dell InsightIQ security vulnerability — PowerScale InsightIQ | 6.7 | Medium | 2024-09-10 |
| CVE-2024-45041 | External Secrets Operator vulnerable to privilege escalation — external-secrets | 8.3 | High | 2024-09-09 |
| CVE-2024-7493 | WPCOM Member <= 1.5.2.1 - Unauthenticated Privilege Escalation via User Meta — WPCOM Member | 9.8 | Critical | 2024-09-06 |
| CVE-2024-8247 | Newsletters <= 4.9.9.2 - Authenticated Privilege Escalation — Newsletters | 8.8 | High | 2024-09-06 |
| CVE-2024-33656 | Memory Leak in SmmComuptrace Module — AptioV | 7.8 | High | 2024-08-21 |
| CVE-2020-11846 | Improper handling of token allows access to restricted resource in Privileged Access Manager — Privileged Access Manager | 8.7 | High | 2024-08-21 |
| CVE-2023-22576 | Dell Repository Manager security vulnerability — Dell Repository Manager (DRM) | 7.0 | High | 2024-08-21 |
| CVE-2024-43403 | Kanister has a potential risk which can be leveraged to make a cluster-level privilege escalation — kanister | 8.8 | High | 2024-08-20 |
| CVE-2024-43311 | WordPress Login As Users plugin <= 1.4.2 - Broken Authentication vulnerability — Login As Users | 9.8 | Critical | 2024-08-19 |
| CVE-2024-43245 | WordPress JobSearch plugin <= 2.3.4 - Unauthenticated Account Takeover vulnerability — JobSearch | 9.8 | Critical | 2024-08-19 |
| CVE-2024-43401 | In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them — xwiki-platform | 9.1 | Critical | 2024-08-19 |
| CVE-2024-42440 | Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Improper Privilege Management — Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS | 6.2 | Medium | 2024-08-14 |
| CVE-2024-43121 | WordPress HUSKY plugin <= 1.3.6.1 - Privilege Escalation vulnerability — HUSKY | 9.1 | Critical | 2024-08-13 |
| CVE-2024-41903 | Siemens SINEC Traffic Analyzer security vulnerability — SINEC Traffic Analyzer | 6.6 | Medium | 2024-08-13 |
| CVE-2024-22069 | Permission and Access Control Vulnerability in ZXV10 XT802/ET301 — ZXV10 XT802 | 7.1 | High | 2024-08-08 |
| CVE-2024-6359 | Privilege escalation vulnerability — ArcSight Intelligence | 6.4 | Medium | 2024-08-06 |
| CVE-2024-7291 | JetFormBuilder <= 3.3.4.1 - Authenticated (Administrator+) Privilege Escalation — JetFormBuilder — Dynamic Blocks Form Builder | 7.2 | High | 2024-08-03 |
| CVE-2024-27181 | Apache Linkis Basic management services: Privilege Escalation Attack vulnerability — Apache Linkis Basic management services | 6.5 (AI) | Medium (AI) | 2024-08-02 |
| CVE-2024-22278 | Harbor fails to validate the user permissions when updating project configurations — harbor | 6.4 | Medium | 2024-08-02 |
| CVE-2024-41949 | biscuit-rust vulnerable to public key confusion in third party block — biscuit-rust | 3.0 | Low | 2024-08-01 |
| CVE-2023-52209 | WordPress WPForms User Registration plugin <= 2.1.0 - Authenticated Privilege Escalation vulnerability — WPForms User Registration | 8.0 | High | 2024-08-01 |
| CVE-2024-38770 | WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.20 - Authentication Bypass and Privilege Escalation Vulnerability — Backup and Staging by WP Time Capsule | 9.8 | Critical | 2024-08-01 |
| CVE-2024-38775 | WordPress CTX Feed plugin <= 6.5.6 - Arbitrary Options Update vulnerability — CTX Feed | 7.2 | High | 2024-08-01 |
| CVE-2024-39633 | WordPress PowerPack for Beaver Builder plugin <= 2.33.0 - Contributor+ Privilege Escalation vulnerability — PowerPack for Beaver Builder | 8.8 | High | 2024-08-01 |
| CVE-2024-39634 | WordPress PowerPack Pro for Elementor plugin <= 2.10.14 - Contributor+ Privilege Escalation vulnerability — PowerPack Pro for Elementor | 8.8 | High | 2024-08-01 |
| CVE-2024-41666 | The Argo CD web terminal session does not handle the revocation of user permissions properly. — argo-cd | 4.7 | Medium | 2024-07-24 |
| CVE-2020-11640 | Elevation of Privilege — Advant MOD 300 AdvaBuild | 8.8 | High | 2024-07-23 |

Vulnerabilities classified as CWE-269 (Improper Privilege Management) represent 990 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.