Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-27 | CVE-2015-3840 | Improper Access Control vulnerability in Google Android The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission. | 5.5 |
| 2017-06-13 | CVE-2016-10335 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, libtomcrypt was updated. | 5.5 |
| 2017-06-13 | CVE-2016-10334 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten. | 5.5 |
| 2017-06-13 | CVE-2016-10333 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS. | 5.5 |
| 2017-06-13 | CVE-2015-9029 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory. | 7.8 |
| 2017-06-13 | CVE-2015-9024 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications. | 5.5 |
| 2017-06-13 | CVE-2015-9021 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled. | 5.5 |
| 2017-06-13 | CVE-2014-9961 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection. | 7.8 |
| 2017-06-09 | CVE-2016-7833 | Improper Access Control vulnerability in Cybozu Dezie Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. | 7.5 |
| 2017-06-09 | CVE-2016-7824 | Improper Access Control vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. | 8.8 |