Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-07 | CVE-2015-3295 | Improper Access Control vulnerability in Markdown-It Project Markdown-It 4.0.3 markdown-it before 4.1.0 does not block data: URLs. | 5.3 |
| 2017-06-07 | CVE-2016-6089 | Improper Access Control vulnerability in IBM Websphere MQ 9.0.0.0/9.0.1 IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. | 5.5 |
| 2017-06-06 | CVE-2016-0768 | Improper Access Control vulnerability in Postgresql PostgreSQL PL/Java after 9.0 does not honor access controls on large objects. | 7.5 |
| 2017-06-06 | CVE-2015-9006 | Improper Access Control vulnerability in Google Android In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. | 7.8 |
| 2017-05-16 | CVE-2016-10237 | Improper Access Control vulnerability in Google Android If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory. | 7.8 |
| 2017-05-11 | CVE-2016-10370 | Improper Access Control vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus devices such as the 3T. | 7.5 |
| 2017-05-08 | CVE-2016-10369 | Improper Access Control vulnerability in Lxterminal Project Lxterminal 0.3.0 unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control). | 7.8 |
| 2017-05-04 | CVE-2016-7054 | Improper Access Control vulnerability in Openssl 1.1.0/1.1.0A/1.1.0B In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. | 7.5 |
| 2017-05-03 | CVE-2016-9976 | Improper Access Control vulnerability in IBM products IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. | 8.4 |
| 2017-05-03 | CVE-2016-2930 | Improper Access Control vulnerability in IBM Bigfix Remote Control 9.1.3 IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. | 7.5 |