Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-09 | CVE-2016-7824 | Improper Access Control vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7811 | Improper Access Control vulnerability in Corega Cg-Wlr300Nx Firmware 1.20 Corega CG-WLR300NX firmware Ver. | 8.8 |
| 2017-06-09 | CVE-2016-7807 | Improper Access Control vulnerability in Iodata Wfs-Sr01 Firmware 1.10 I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors. | 7.5 |
| 2017-06-09 | CVE-2016-7801 | Improper Access Control vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors. | 4.3 |
| 2017-06-09 | CVE-2016-4910 | Improper Access Control vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to delete other operational administrators' MultiReport filters via unspecified vectors. | 4.3 |
| 2017-06-09 | CVE-2016-4908 | Improper Access Control vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors. | 4.3 |
| 2017-06-08 | CVE-2016-6098 | Improper Access Control vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 8.1 |
| 2017-06-08 | CVE-2015-2692 | Improper Access Control vulnerability in Adblock AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters. | 10.0 |
| 2017-06-08 | CVE-2016-3112 | Improper Access Control vulnerability in Pulpproject Pulp client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user. | 7.5 |
| 2017-06-08 | CVE-2016-3107 | Improper Access Control vulnerability in Pulpproject Pulp The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data. | 5.5 |