Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-269 (特权管理不恰当) — Vulnerability Class 992

992 vulnerabilities classified as CWE-269 (特权管理不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-21622 Craft CMS Privilege Escalation — cms 5.4 Medium2024-01-03
CVE-2023-48418 User Build misconfiguration resulting in local escalation of privilege — Pixel Watch 10.0 Critical2024-01-02
CVE-2023-48419 An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in EoP — Google Nest Mini 10.0 Critical2024-01-02
CVE-2023-7080 Arbitrary remote code execution within wrangler dev Workers sandbox — wrangler 8.5 High2023-12-29
CVE-2023-23430 Honor AI Space 安全漏洞 — com.hihonor.magichome 3.3 Low2023-12-29
CVE-2023-23429 Honor Magic Ui 安全漏洞 — Magic OS 4.0 Medium2023-12-29
CVE-2023-23428 Honor Magic Ui 安全漏洞 — Magic OS 3.3 Low2023-12-29
CVE-2023-23427 Honor Magic Ui 安全漏洞 — Magic OS 4.0 Medium2023-12-29
CVE-2023-50267 MeterSphere horizontal privilege escalation vulnerability of resources in project scope. — metersphere 4.3 Medium2023-12-28
CVE-2023-7090 Sudo: improper handling of ipa_hostname leads to privilege mismanagement — sudo 6.6 Medium2023-12-23
CVE-2023-51386 Sandbox Accounts for Events vulnerable to privilege escalation to read running events data — sandbox-accounts-for-events 7.8 High2023-12-22
CVE-2023-6804 Improper Privilege Management allows for arbitrary workflows to be run — Enterprise Server 6.5 Medium2023-12-21
CVE-2023-46647 Improper Privilege Management in GitHub Enterprise Server management console leads to privilege escalation — Enterprise Server 8.0 High2023-12-21
CVE-2023-6793 PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator — PAN-OS 2.7 Low2023-12-13
CVE-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter — CPython 6.1 Medium2023-12-08
CVE-2023-45083 HyperCloud: "admin" and "serveradmin" users can be deleted — HyperCloud 4.2 Medium2023-12-05
CVE-2023-6218 MOVEit Transfer Group Admin Privilege Escalation — MOVEit Transfer 7.2 High2023-11-29
CVE-2023-5960 Zyxel USG FLEX 安全漏洞 — USG FLEX series firmware 5.5 Medium2023-11-28
CVE-2023-5797 Zyxel ATP 安全漏洞 — ATP series firmware 5.5 Medium2023-11-28
CVE-2023-5650 Zyxel ATP 安全漏洞 — ATP series firmware 5.5 Medium2023-11-28
CVE-2023-37925 Zyxel ATP 安全漏洞 — ATP series firmware 5.5 Medium2023-11-28
CVE-2023-41808 Arbitrary File Read As Root Via GoTTY Page — Pandora FMS 8.5 High2023-11-23
CVE-2023-41807 Linux Local Privilege Escalation Via GoTTY Page — Pandora FMS 9.1 Critical2023-11-23
CVE-2023-41806 Misassignment of privileges can cause DOS attack — Pandora FMS 8.2 High2023-11-23
CVE-2021-37937 Elasticsearch privilege escalation — Elasticsearch 5.9 Medium2023-11-22
CVE-2021-37942 APM Java Agent Local Privilege Escalation — Elastic APM Java Agent 7.0 High2023-11-22
CVE-2023-20274 Cisco AppDynamics PHP Agent 安全漏洞 — Cisco AppDynamics 6.3 Medium2023-11-21
CVE-2023-6119 Trellix GetSusp 安全漏洞 — GetSusp 6.5 Medium2023-11-16
CVE-2023-47629 Privilege escalation through email sign-up in datahub — datahub 7.1 High2023-11-14
CVE-2023-6099 Shenzhen Youkate Industrial Facial Love Cloud Payment System Account SystemMng.ashx privileges management — Facial Love Cloud Payment System 7.3 High2023-11-13

Vulnerabilities classified as CWE-269 (特权管理不恰当) represent 992 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.