Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-26 | CVE-2016-8227 | Improper Access Control vulnerability in Lenovo Transition Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges. | 7.8 |
| 2017-01-23 | CVE-2016-7792 | Improper Access Control vulnerability in Ubiquiti Networks Unifi AP AC Lite Firmware Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it. | 8.8 |
| 2017-01-23 | CVE-2014-8362 | Improper Access Control vulnerability in Vivint SKY Control Panel Firmware 1.1.1.9926 Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface. | 9.8 |
| 2017-01-20 | CVE-2016-8643 | Improper Access Control vulnerability in Moodle In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services. | 4.3 |
| 2017-01-20 | CVE-2016-8642 | Improper Access Control vulnerability in Moodle In Moodle 2.x and 3.x, the question engine allows access to files that should not be available. | 5.3 |
| 2017-01-19 | CVE-2016-9016 | Improper Access Control vulnerability in Firejail Project Firejail 0.9.38.4 Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | 8.8 |
| 2017-01-19 | CVE-2016-7794 | Improper Access Control vulnerability in Sociomantic Git-Hub sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository name. | 9.8 |
| 2017-01-19 | CVE-2016-7793 | Improper Access Control vulnerability in Sociomantic Git-Hub sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL. | 8.8 |
| 2017-01-19 | CVE-2016-7545 | Improper Access Control vulnerability in multiple products SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | 8.8 |
| 2017-01-19 | CVE-2016-5217 | Improper Access Control vulnerability in Google Chrome The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page. | 6.5 |