Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-14 | CVE-2013-7460 | Improper Access Control vulnerability in Mcafee Application Control and Change Control A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions. | 5.5 |
| 2017-03-14 | CVE-2016-9368 | Improper Access Control vulnerability in Eaton Xcomfort Ethernet Communication Interface 1.07 An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and prior. | 7.5 |
| 2017-03-07 | CVE-2016-9245 | Improper Access Control vulnerability in F5 products In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. | 5.9 |
| 2017-03-07 | CVE-2016-6255 | Improper Access Control vulnerability in multiple products Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler. | 7.5 |
| 2017-03-03 | CVE-2016-8236 | Improper Access Control vulnerability in Lenovo Thinkserver Firmware 3.76.208 Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77. | 7.5 |
| 2017-03-03 | CVE-2016-10065 | Improper Access Control vulnerability in multiple products The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | 7.8 |
| 2017-03-03 | CVE-2016-7408 | Improper Access Control vulnerability in Dropbear SSH Project Dropbear SSH The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted (1) -m or (2) -c argument. | 8.8 |
| 2017-03-03 | CVE-2016-10193 | Improper Access Control vulnerability in Espeak-Ruby Project Espeak-Ruby The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes or bytes_wav method in lib/espeak/speech.rb. | 9.8 |
| 2017-02-27 | CVE-2016-9818 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. | 6.5 |
| 2017-02-27 | CVE-2016-9817 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set. | 6.5 |