Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-11 | CVE-2016-10370 | Improper Access Control vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus devices such as the 3T. | 7.5 |
| 2017-05-08 | CVE-2016-10369 | Improper Access Control vulnerability in Lxterminal Project Lxterminal 0.3.0 unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control). | 7.8 |
| 2017-05-04 | CVE-2016-7054 | Improper Access Control vulnerability in Openssl 1.1.0/1.1.0A/1.1.0B In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. | 7.5 |
| 2017-05-03 | CVE-2016-9976 | Improper Access Control vulnerability in IBM products IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. | 8.4 |
| 2017-05-03 | CVE-2016-2930 | Improper Access Control vulnerability in IBM Bigfix Remote Control 9.1.3 IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. | 7.5 |
| 2017-04-28 | CVE-2016-8588 | Improper Access Control vulnerability in Trendmicro Threat Discovery Appliance 2.6.1062 The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uploaded file. | 7.3 |
| 2017-04-28 | CVE-2016-8587 | Improper Access Control vulnerability in Trendmicro Threat Discovery Appliance 2.6.1062 dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/prod/sensorSDK/backup_pol/. | 7.3 |
| 2017-04-28 | CVE-2016-8584 | Improper Access Control vulnerability in Trendmicro Threat Discovery Appliance 2.6.1062 Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value. | 9.8 |
| 2017-04-24 | CVE-2016-5551 | Improper Access Control vulnerability in Oracle Solaris Cluster 4.3 Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). | 2.8 |
| 2017-04-24 | CVE-2015-0104 | Improper Access Control vulnerability in IBM products IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to execute arbitrary code via unspecified vectors. | 8.8 |