Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-28 | CVE-2016-9460 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content-spoofing attack in the files app. | 5.3 |
| 2017-03-28 | CVE-2016-9122 | Improper Access Control vulnerability in Go-Jose Project Go-Jose go-jose before 1.0.4 suffers from multiple signatures exploitation. | 7.5 |
| 2017-03-24 | CVE-2016-10144 | Improper Access Control vulnerability in Imagemagick coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. | 9.8 |
| 2017-03-24 | CVE-2016-10130 | Improper Access Control vulnerability in Libgit2 Project Libgit2 0.25.0 The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable. | 5.9 |
| 2017-03-23 | CVE-2015-8627 | Improper Access Control vulnerability in Mediawiki MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers to bypass intended access restrictions by using an IP address that was not supposed to have been allowed. | 5.3 |
| 2017-03-23 | CVE-2016-7468 | Improper Access Control vulnerability in F5 products An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. | 5.9 |
| 2017-03-23 | CVE-2016-5750 | Improper Access Control vulnerability in Netiq Access Manager 4.1/4.2 The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users. | 8.8 |
| 2017-03-23 | CVE-2016-5747 | Improper Access Control vulnerability in Novell Edirectory A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies. | 7.5 |
| 2017-03-15 | CVE-2016-5239 | Improper Access Control vulnerability in Imagemagick The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors. | 9.8 |
| 2017-03-14 | CVE-2016-8010 | Improper Access Control vulnerability in Mcafee Application Control and Endpoint Security Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | 7.8 |