Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-13 | CVE-2016-6143 | Improper Access Control vulnerability in SAP Hana 1.00.73.00.389160 SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806. | 9.8 |
| 2017-04-13 | CVE-2016-4800 | Improper Access Control vulnerability in Eclipse Jetty The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes. | 9.8 |
| 2017-04-13 | CVE-2015-8284 | Improper Access Control vulnerability in Seawell Networks Spectrum SDC 02.05.00 SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions. | 8.8 |
| 2017-04-12 | CVE-2016-1178 | Improper Access Control vulnerability in Appleple A-Blog CMS The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors. | 6.5 |
| 2017-04-10 | CVE-2016-6605 | Improper Access Control vulnerability in Cloudera CDH Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. | 7.5 |
| 2017-04-10 | CVE-2016-5058 | Improper Access Control vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay. | 7.5 |
| 2017-04-10 | CVE-2016-5054 | Improper Access Control vulnerability in Osram Lightify Home 1.6.1 OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay. | 7.5 |
| 2017-04-10 | CVE-2015-8275 | Improper Access Control vulnerability in Eparaksts Edoc-Libraries and Eparakstitajs 3 LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files. | 5.5 |
| 2017-04-10 | CVE-2015-7265 | Improper Access Control vulnerability in Proxygen Project Proxygen Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks. | 7.5 |
| 2017-04-10 | CVE-2015-7263 | Improper Access Control vulnerability in Proxygen Project Proxygen The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value. | 7.5 |