Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-27 | CVE-2016-8282 | Improper Access Control vulnerability in Oracle Flexcube Private Banking 12.0.1/2.0.1/2.2.0 Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). | 6.1 |
| 2017-01-27 | CVE-2016-1920 | Improper Access Control vulnerability in Samsung Knox 1.0 Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | 5.5 |
| 2017-01-26 | CVE-2016-8227 | Improper Access Control vulnerability in Lenovo Transition Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges. | 7.8 |
| 2017-01-23 | CVE-2016-7792 | Improper Access Control vulnerability in Ubiquiti Networks Unifi AP AC Lite Firmware Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it. | 8.8 |
| 2017-01-23 | CVE-2014-8362 | Improper Access Control vulnerability in Vivint SKY Control Panel Firmware 1.1.1.9926 Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface. | 9.8 |
| 2017-01-20 | CVE-2016-8643 | Improper Access Control vulnerability in Moodle In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services. | 4.3 |
| 2017-01-20 | CVE-2016-8642 | Improper Access Control vulnerability in Moodle In Moodle 2.x and 3.x, the question engine allows access to files that should not be available. | 5.3 |
| 2017-01-19 | CVE-2016-9016 | Improper Access Control vulnerability in Firejail Project Firejail 0.9.38.4 Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | 8.8 |
| 2017-01-19 | CVE-2016-7794 | Improper Access Control vulnerability in Sociomantic Git-Hub sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository name. | 9.8 |
| 2017-01-19 | CVE-2016-7793 | Improper Access Control vulnerability in Sociomantic Git-Hub sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL. | 8.8 |