CWE-274 · Improper Handling of Insufficient Privileges
39 CVEs classified under CWE-274 (Improper Handling of Insufficient Privileges). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-20156 | Critical | 9.9 | 2025-01-22 | A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administr… |
CVE-2024-0105 | High | 8.9 | 2024-11-01 | NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of th… |
CVE-2020-7267 | High | 8.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user wou… |
CVE-2020-7266 | High | 8.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the… |
CVE-2020-7265 | High | 8.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not ha… |
CVE-2020-7264 | High | 8.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user woul… |
CVE-2024-0106 | High | 8.7 | 2024-11-01 | NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insuffi… |
CVE-2023-35928 | High | 8.5 | 2023-06-23 | Nextcloud Server is a space for data storage on Nextcloud, a self-hosted productivity playform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 unt… |
CVE-2024-21648 | High | 8.0 | 2024-01-08 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection, a u… |
CVE-2020-24676 | High | 7.8 | 2020-12-22 | In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) u… |
CVE-2020-7290 | High | 7.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee Active Response (MAR) for Linux prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions… |
CVE-2020-7291 | High | 7.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee Active Response (MAR) for Mac prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions th… |
CVE-2020-7287 | High | 7.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Linux prior to 3.1.0 Hotfix 1 allows a malicious script or program to per… |
CVE-2020-7288 | High | 7.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1 allows a malicious script or program to perfo… |
CVE-2020-7289 | High | 7.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee Active Response (MAR) for Windows prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform function… |
CVE-2020-7285 | High | 7.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.5.0.94 allows a malicious script or program to perform functions that the local execu… |
CVE-2020-7286 | High | 7.8 | 2020-05-08 | Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to p… |
CVE-2023-39375 | High | 7.5 | 2023-09-26 | SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges |
CVE-2020-7283 | High | 7.5 | 2020-07-03 | Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation… |
CVE-2022-45101 | High | 7.3 | 2023-02-01 | Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker coul… |