Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-16 | CVE-2018-7362 | Improper Access Control vulnerability in ZTE Zxhn F670 Firmware All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router. | 8.8 |
| 2018-10-30 | CVE-2018-17931 | Improper Access Control vulnerability in Vecna VGO Firmware 3.0.3.52164/3.0.3.53662 If an attacker has physical access to the VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. | 6.8 |
| 2018-10-29 | CVE-2018-17908 | Improper Access Control vulnerability in Advantech Webaccess WebAccess Versions 8.3.2 and prior. | 7.8 |
| 2018-08-20 | CVE-2016-7048 | Improper Access Control vulnerability in Postgresql The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software. | 8.1 |
| 2018-07-13 | CVE-2016-6543 | Improper Access Control vulnerability in Ieasytec Itrack Easy A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device. | 5.9 |
| 2018-07-11 | CVE-2013-2972 | Improper Access Control vulnerability in IBM Websphere Cast Iron Cloud Integration 6.0.0.0/6.1.0.0/6.3.0.0 IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. | 7.5 |
| 2018-06-11 | CVE-2016-9905 | Improper Access Control vulnerability in multiple products A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. | 8.8 |
| 2018-05-11 | CVE-2009-5151 | Improper Access Control vulnerability in Absolute Computrace Agent 70.785 The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. | 6.7 |
| 2018-05-11 | CVE-2009-5150 | Improper Access Control vulnerability in Absolute Computrace Agent 80.845/80.866 Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. | 6.7 |
| 2018-05-02 | CVE-2013-6272 | Improper Access Control vulnerability in Google Android The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application. | 7.8 |