Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-648 (特权API的不正确使用) — Vulnerability Class 56

56 vulnerabilities classified as CWE-648 (特权API的不正确使用). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-4009 Privilege Escalation for Project Owner and Project User Admin Roles in Ops Manager — MongoDB Ops Manager 7.2 High2023-08-08
CVE-2023-20136 Cisco Secure Workload 安全漏洞 — Cisco Secure Workload 4.3 Medium2023-06-28
CVE-2023-29507 org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors — xwiki-platform 9.1 Critical2023-04-16
CVE-2023-28062 Dell PowerProtect Data Manager 安全漏洞 — PPDM Reporting (PowerProtect Data Manager) 8.8 High2023-04-11
CVE-2022-20965 Cisco Identity Services Engine 安全漏洞 — Cisco Identity Services Engine Software 4.3 Medium2023-01-18
CVE-2022-4805 Incorrect Use of Privileged APIs in usememos/memos — usememos/memos 8.1 -2022-12-28
CVE-2022-4796 Incorrect Use of Privileged APIs in usememos/memos — usememos/memos 8.1 -2022-12-28
CVE-2022-4687 Incorrect Use of Privileged APIs in usememos/memos — usememos/memos 8.1 -2022-12-23
CVE-2022-20956 Cisco Identity Services Engine 安全漏洞 — Cisco Identity Services Engine Software 7.1 High2022-11-03
CVE-2022-23720 PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file — PingID Windows Login 7.5 High2022-06-30
CVE-2022-2023 Incorrect Use of Privileged APIs in polonel/trudesk — polonel/trudesk 8.8 -2022-06-20
CVE-2022-24821 Incorrect Use of Privileged APIs in org.xwiki.platform.skin.skinx — xwiki-platform 6.8 Medium2022-04-08
CVE-2022-24073 Naver Whale Browser 安全漏洞 — NAVER Whale browser 6.1 -2022-03-17
CVE-2022-24071 Naver Whale browser 安全漏洞 — NAVER Whale browser 4.3 -2022-01-28
CVE-2020-7927 Potential privilege escalation in Ops Manager API — MongoDB Ops Manager 8.1 High2020-11-23
CVE-2020-5291 Privilege escalation in setuid mode via user namespaces in Bubblewrap — bubblewrap 7.2 High2020-03-31
CVE-2019-14812 Artifex Software Ghostscript 安全漏洞 — ghostscript 7.8 -2019-11-27
CVE-2019-10216 Artifex Software Ghostscript 安全漏洞 — ghostscript 7.1 -2019-11-27
CVE-2019-14869 Artifex Software Ghostscript 安全漏洞 — ghostscript 8.8 -2019-11-15
CVE-2019-14813 Artifex Software Ghostscript 权限许可和访问控制问题漏洞 — ghostscript 8.8 -2019-09-06
CVE-2019-14817 Artifex Software Ghostscript 权限许可和访问控制问题漏洞 — ghostscript 7.8 -2019-09-03
CVE-2019-14811 Artifex Software Ghostscript 权限许可和访问控制问题漏洞 — ghostscript 7.8 -2019-09-03
CVE-2019-1010178 MODX Fred 访问控制错误漏洞 — MODX Revolution 9.8 -2019-07-24
CVE-2019-3839 Artifex Software Ghostscript 权限许可和访问控制问题漏洞 — ghostscript 7.1 -2019-05-16
CVE-2019-3835 Artifex Software Ghostscript 访问控制错误漏洞 — ghostscript 5.5 -2019-03-25
CVE-2019-3838 Artifex Software Ghostscript 访问控制错误漏洞 — ghostscript 5.5 -2019-03-25

Vulnerabilities classified as CWE-648 (特权API的不正确使用) represent 56 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.