Vulnerabilities > Improper Access Control

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|
| 2019-06-20 | CVE-2018-16553 | Improper Access Control vulnerability in Jspxcms 9.0.0 | In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin. | jspxcms | CWE-284 | network, low complexity, 7.2 |
| 2019-06-19 | CVE-2019-2729 | Improper Access Control vulnerability in Oracle products | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). | oracle | CWE-284 | network, low complexity, critical, 9.8 |
| 2019-06-19 | CVE-2018-17148 | Improper Access Control vulnerability in Nagios XI | An Insufficient Access Control vulnerability (leading to credential disclosure) in coreconfigsnapshot.php (aka configuration snapshot page) in Nagios XI before 5.5.4 allows remote attackers to gain access to configuration files containing confidential credentials. | nagios | CWE-284 | network, low complexity, critical, 9.8 |
| 2019-06-17 | CVE-2017-10721 | Improper Access Control vulnerability in Ishekar Endoscope Camera Firmware | Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has Telnet functionality enabled by default. | ishekar | CWE-284 | network, low complexity, 6.5 |
| 2019-06-17 | CVE-2018-18958 | Improper Access Control vulnerability in Opnsense | OPNsense 18.7.x before 18.7.7 has Incorrect Access Control. | opnsense | CWE-284 | network, low complexity, 6.5 |
| 2019-06-12 | CVE-2019-10925 | Improper Access Control vulnerability in Siemens Simatic Mv420 Firmware and Simatic Mv440 Firmware | A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). | siemens | CWE-284 | network, low complexity, 7.1 |
| 2019-06-07 | CVE-2018-10691 | Improper Access Control vulnerability in Moxa Awk-3121 Firmware 1.14 | An issue was discovered on Moxa AWK-3121 1.14 devices. | moxa | CWE-284 | network, low complexity, 7.5 |
| 2019-06-07 | CVE-2018-5264 | Improper Access Control vulnerability in UI Unifi Firmware | Ubiquiti UniFi 52 devices, when Hotspot mode is used, allow remote attackers to bypass intended restrictions on "free time" Wi-Fi usage by sending a /guest/s/default/ request to obtain a cookie, and then using this cookie in a /guest/s/default/login request with the byfree parameter. | ui | CWE-284 | network, high complexity, 5.9 |
| 2019-05-24 | CVE-2018-13895 | Improper Access Control vulnerability in Qualcomm products | Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 | qualcomm | CWE-284 | local, low complexity, 7.8 |
| 2019-05-23 | CVE-2017-11365 | Improper Access Control vulnerability in Sensiolabs Symfony | Certain Symfony products are affected by: Incorrect Access Control. | sensiolabs | CWE-284 | network, low complexity, critical, 9.8 |