Vulnerabilities > Improper Access Control
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-01-05 | CVE-2016-10030 | Improper Access Control vulnerability in Schedmd Slurm: The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. | 8.1 |
2017-01-03 | CVE-2016-10105 | Improper Access Control vulnerability in Piwigo: admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. | 9.8 |
2016-12-30 | CVE-2016-10085 | Improper Access Control vulnerability in Piwigo: admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter. | 7.2 |
2016-12-30 | CVE-2016-10084 | Improper Access Control vulnerability in Piwigo: admin/batch_manager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page['tab'] variable (aka the mode parameter). | 7.2 |
2016-12-30 | CVE-2016-10082 | Improper Access Control vulnerability in S9Y Serendipity: include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include() call in the bundled-libs/serendipity_generateFTPChecksums.php file. | 9.8 |
2016-12-29 | CVE-2016-9877 | Improper Access Control vulnerability in multiple products: An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. | 9.8 |
2016-12-23 | CVE-2016-7967 | Improper Access Control vulnerability in KDE Kmail: KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. | 8.1 |
2016-12-18 | CVE-2016-5192 | Improper Access Control vulnerability in Google Chrome: Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages. | 6.5 |
2016-12-18 | CVE-2016-5189 | Improper Access Control vulnerability in Google Chrome: Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted navigation to blob URLs with non-canonical origins, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages. | 6.5 |
2016-12-17 | CVE-2016-9951 | Improper Access Control vulnerability in Apport Project Apport: An issue was discovered in Apport before 2.20.4. | 6.5 |