Vulnerabilities > Improper Access Control

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2017-06-09 | CVE-2016-4908 | Improper Access Control vulnerability in Cybozu Garoon | Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors. | network | low complexity | cybozu | CWE-284 | 4.3 |
| 2017-06-08 | CVE-2016-6098 | Improper Access Control vulnerability in IBM products | IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | network | low complexity | ibm | CWE-284 | 8.1 |
| 2017-06-08 | CVE-2015-2692 | Improper Access Control vulnerability in Adblock | AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters. | network | low complexity | adblock | CWE-284 | 10.0 (critical) |
| 2017-06-08 | CVE-2016-3112 | Improper Access Control vulnerability in Pulpproject Pulp | client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user. | network | low complexity | pulpproject | CWE-284 | 7.5 |
| 2017-06-08 | CVE-2016-3107 | Improper Access Control vulnerability in Pulpproject Pulp | The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data. | local | low complexity | pulpproject | CWE-284 | 5.5 |
| 2017-06-07 | CVE-2015-3295 | Improper Access Control vulnerability in Markdown-It Project Markdown-It 4.0.3 | markdown-it before 4.1.0 does not block data: URLs. | network | low complexity | markdown-it-project | CWE-284 | 5.3 |
| 2017-06-07 | CVE-2016-6089 | Improper Access Control vulnerability in IBM Websphere MQ 9.0.0.0/9.0.1 | IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. | local | low complexity | ibm | CWE-284 | 5.5 |
| 2017-06-06 | CVE-2016-0768 | Improper Access Control vulnerability in Postgresql | PostgreSQL PL/Java after 9.0 does not honor access controls on large objects. | network | low complexity | postgresql | CWE-284 | 7.5 |
| 2017-06-06 | CVE-2015-9006 | Improper Access Control vulnerability in Google Android | In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. | local | low complexity | google | CWE-284 | 7.8 |
| 2017-05-16 | CVE-2016-10237 | Improper Access Control vulnerability in Google Android | If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory. | local | low complexity | google | CWE-284 | 7.8 |