Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-24 | CVE-2016-10144 | Improper Access Control vulnerability in Imagemagick coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. | 9.8 |
| 2017-03-24 | CVE-2016-10130 | Improper Access Control vulnerability in Libgit2 Project Libgit2 0.25.0 The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable. | 5.9 |
| 2017-03-23 | CVE-2015-8627 | Improper Access Control vulnerability in Mediawiki MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers to bypass intended access restrictions by using an IP address that was not supposed to have been allowed. | 5.3 |
| 2017-03-23 | CVE-2016-7468 | Improper Access Control vulnerability in F5 products An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. | 5.9 |
| 2017-03-23 | CVE-2016-5750 | Improper Access Control vulnerability in Netiq Access Manager 4.1/4.2 The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users. | 8.8 |
| 2017-03-23 | CVE-2016-5747 | Improper Access Control vulnerability in Novell Edirectory A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies. | 7.5 |
| 2017-03-15 | CVE-2016-5239 | Improper Access Control vulnerability in Imagemagick The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors. | 9.8 |
| 2017-03-14 | CVE-2016-8010 | Improper Access Control vulnerability in Mcafee Application Control and Endpoint Security Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | 7.8 |
| 2017-03-14 | CVE-2016-8007 | Improper Access Control vulnerability in Mcafee Host Intrusion Prevention Services 8.0 Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions. | 6.3 |
| 2017-03-14 | CVE-2015-8987 | Improper Access Control vulnerability in Mcafee Agent Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server. | 5.3 |