Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-19 | CVE-2016-7545 | Improper Access Control vulnerability in multiple products SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. | 8.8 |
| 2017-01-19 | CVE-2016-5217 | Improper Access Control vulnerability in Google Chrome The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page. | 6.5 |
| 2017-01-19 | CVE-2016-5206 | Improper Access Control vulnerability in Google Chrome The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page. | 8.8 |
| 2017-01-18 | CVE-2016-10148 | Improper Access Control vulnerability in Wordpress The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to wp-admin/admin-ajax.php, a related issue to CVE-2016-6896. | 4.3 |
| 2017-01-12 | CVE-2016-8606 | Improper Access Control vulnerability in multiple products The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack. | 9.8 |
| 2017-01-12 | CVE-2016-8444 | Improper Access Control vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-01-12 | CVE-2016-8435 | Improper Access Control vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-01-12 | CVE-2016-8434 | Improper Access Control vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-01-12 | CVE-2016-8415 | Improper Access Control vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-01-12 | CVE-2016-8412 | Improper Access Control vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |