Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2016-1587 | Improper Access Control vulnerability in Snapweb The Snapweb interface before version 0.21.2 was exposing controls to install or remove snap packages without controlling the identity of the user, nor the origin of the connection. | 7.5 |
| 2019-03-26 | CVE-2010-5305 | Improper Access Control vulnerability in Rockwellautomation products The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. | 9.8 |
| 2019-02-15 | CVE-2013-5654 | Improper Access Control vulnerability in Yingzhipython Project Yingzhipython 1.9 Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage | 9.1 |
| 2019-01-24 | CVE-2019-1647 | Improper Access Control vulnerability in Cisco Sd-Wan and Vsmart Controller A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers. | 8.0 |
| 2018-11-16 | CVE-2018-7362 | Improper Access Control vulnerability in ZTE Zxhn F670 Firmware All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router. | 8.8 |
| 2018-10-30 | CVE-2018-17931 | Improper Access Control vulnerability in Vecna VGO Firmware 3.0.3.52164/3.0.3.53662 If an attacker has physical access to the VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. | 6.8 |
| 2018-10-29 | CVE-2018-17908 | Improper Access Control vulnerability in Advantech Webaccess WebAccess Versions 8.3.2 and prior. | 7.8 |
| 2018-08-20 | CVE-2016-7048 | Improper Access Control vulnerability in Postgresql The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software. | 8.1 |
| 2018-07-13 | CVE-2016-6543 | Improper Access Control vulnerability in Ieasytec Itrack Easy A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device. | 5.9 |
| 2018-07-11 | CVE-2013-2972 | Improper Access Control vulnerability in IBM Websphere Cast Iron Cloud Integration 6.0.0.0/6.1.0.0/6.3.0.0 IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. | 7.5 |